//===----------------------------------------------------------------------===//
//
// This source file is part of the Soto for AWS open source project
//
// Copyright (c) 2017-2024 the Soto project authors
// Licensed under Apache License v2.0
//
// See LICENSE.txt for license information
// See CONTRIBUTORS.txt for the list of Soto project authors
//
// SPDX-License-Identifier: Apache-2.0
//
//===----------------------------------------------------------------------===//

// THIS FILE IS AUTOMATICALLY GENERATED by https://github.com/soto-project/soto-codegenerator.
// DO NOT EDIT.

#if canImport(FoundationEssentials)
import FoundationEssentials
#else
import Foundation
#endif
@_spi(SotoInternal) import SotoCore

extension Route53Resolver {
    // MARK: Enums

    public enum Action: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case alert = "ALERT"
        case allow = "ALLOW"
        case block = "BLOCK"
        public var description: String { return self.rawValue }
    }

    public enum AutodefinedReverseFlag: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disable = "DISABLE"
        case enable = "ENABLE"
        case useLocalResourceSetting = "USE_LOCAL_RESOURCE_SETTING"
        public var description: String { return self.rawValue }
    }

    public enum BlockOverrideDnsType: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case cname = "CNAME"
        public var description: String { return self.rawValue }
    }

    public enum BlockResponse: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case nodata = "NODATA"
        case nxdomain = "NXDOMAIN"
        case override = "OVERRIDE"
        public var description: String { return self.rawValue }
    }

    public enum ConfidenceThreshold: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case high = "HIGH"
        case low = "LOW"
        case medium = "MEDIUM"
        public var description: String { return self.rawValue }
    }

    public enum DnsThreatProtection: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case dga = "DGA"
        case dnsTunneling = "DNS_TUNNELING"
        public var description: String { return self.rawValue }
    }

    public enum FirewallDomainImportOperation: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case replace = "REPLACE"
        public var description: String { return self.rawValue }
    }

    public enum FirewallDomainListStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case complete = "COMPLETE"
        case completeImportFailed = "COMPLETE_IMPORT_FAILED"
        case deleting = "DELETING"
        case importing = "IMPORTING"
        case updating = "UPDATING"
        public var description: String { return self.rawValue }
    }

    public enum FirewallDomainRedirectionAction: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case inspectRedirectionDomain = "INSPECT_REDIRECTION_DOMAIN"
        case trustRedirectionDomain = "TRUST_REDIRECTION_DOMAIN"
        public var description: String { return self.rawValue }
    }

    public enum FirewallDomainUpdateOperation: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case add = "ADD"
        case remove = "REMOVE"
        case replace = "REPLACE"
        public var description: String { return self.rawValue }
    }

    public enum FirewallFailOpenStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "DISABLED"
        case enabled = "ENABLED"
        case useLocalResourceSetting = "USE_LOCAL_RESOURCE_SETTING"
        public var description: String { return self.rawValue }
    }

    public enum FirewallRuleGroupAssociationStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case complete = "COMPLETE"
        case deleting = "DELETING"
        case updating = "UPDATING"
        public var description: String { return self.rawValue }
    }

    public enum FirewallRuleGroupStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case complete = "COMPLETE"
        case deleting = "DELETING"
        case updating = "UPDATING"
        public var description: String { return self.rawValue }
    }

    public enum IpAddressStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case attached = "ATTACHED"
        case attaching = "ATTACHING"
        case creating = "CREATING"
        case deleteFailedFasExpired = "DELETE_FAILED_FAS_EXPIRED"
        case deleting = "DELETING"
        case detaching = "DETACHING"
        case failedCreation = "FAILED_CREATION"
        case failedResourceGone = "FAILED_RESOURCE_GONE"
        case isolated = "ISOLATED"
        case remapAttaching = "REMAP_ATTACHING"
        case remapDetaching = "REMAP_DETACHING"
        case updateFailed = "UPDATE_FAILED"
        case updating = "UPDATING"
        public var description: String { return self.rawValue }
    }

    public enum MutationProtectionStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "DISABLED"
        case enabled = "ENABLED"
        public var description: String { return self.rawValue }
    }

    public enum OutpostResolverStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case actionNeeded = "ACTION_NEEDED"
        case creating = "CREATING"
        case deleting = "DELETING"
        case failedCreation = "FAILED_CREATION"
        case failedDeletion = "FAILED_DELETION"
        case operational = "OPERATIONAL"
        case updating = "UPDATING"
        public var description: String { return self.rawValue }
    }

    public enum ResolverAutodefinedReverseStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "DISABLED"
        case disabling = "DISABLING"
        case enabled = "ENABLED"
        case enabling = "ENABLING"
        case updatingToUseLocalResourceSetting = "UPDATING_TO_USE_LOCAL_RESOURCE_SETTING"
        case useLocalResourceSetting = "USE_LOCAL_RESOURCE_SETTING"
        public var description: String { return self.rawValue }
    }

    public enum ResolverDNSSECValidationStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "DISABLED"
        case disabling = "DISABLING"
        case enabled = "ENABLED"
        case enabling = "ENABLING"
        case updateToUseLocalResourceSetting = "UPDATING_TO_USE_LOCAL_RESOURCE_SETTING"
        case useLocalResourceSetting = "USE_LOCAL_RESOURCE_SETTING"
        public var description: String { return self.rawValue }
    }

    public enum ResolverEndpointDirection: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case inbound = "INBOUND"
        case inboundDelegation = "INBOUND_DELEGATION"
        case outbound = "OUTBOUND"
        public var description: String { return self.rawValue }
    }

    public enum ResolverEndpointStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case actionNeeded = "ACTION_NEEDED"
        case autoRecovering = "AUTO_RECOVERING"
        case creating = "CREATING"
        case deleting = "DELETING"
        case operational = "OPERATIONAL"
        case updating = "UPDATING"
        public var description: String { return self.rawValue }
    }

    public enum ResolverEndpointType: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case dualstack = "DUALSTACK"
        case ipv4 = "IPV4"
        case ipv6 = "IPV6"
        public var description: String { return self.rawValue }
    }

    public enum ResolverQueryLogConfigAssociationError: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case accessDenied = "ACCESS_DENIED"
        case destinationNotFound = "DESTINATION_NOT_FOUND"
        case internalServiceError = "INTERNAL_SERVICE_ERROR"
        case none = "NONE"
        public var description: String { return self.rawValue }
    }

    public enum ResolverQueryLogConfigAssociationStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case actionNeeded = "ACTION_NEEDED"
        case active = "ACTIVE"
        case creating = "CREATING"
        case deleting = "DELETING"
        case failed = "FAILED"
        public var description: String { return self.rawValue }
    }

    public enum ResolverQueryLogConfigStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case created = "CREATED"
        case creating = "CREATING"
        case deleting = "DELETING"
        case failed = "FAILED"
        public var description: String { return self.rawValue }
    }

    public enum ResolverRuleAssociationStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case complete = "COMPLETE"
        case creating = "CREATING"
        case deleting = "DELETING"
        case failed = "FAILED"
        case overridden = "OVERRIDDEN"
        public var description: String { return self.rawValue }
    }

    public enum ResolverRuleStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case complete = "COMPLETE"
        case deleting = "DELETING"
        case failed = "FAILED"
        case updating = "UPDATING"
        public var description: String { return self.rawValue }
    }

    public enum RuleTypeOption: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case delegate = "DELEGATE"
        case forward = "FORWARD"
        case recursive = "RECURSIVE"
        case system = "SYSTEM"
        public var description: String { return self.rawValue }
    }

    public enum ShareStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case notShared = "NOT_SHARED"
        case sharedByMe = "SHARED_BY_ME"
        case sharedWithMe = "SHARED_WITH_ME"
        public var description: String { return self.rawValue }
    }

    public enum SortOrder: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case ascending = "ASCENDING"
        case descending = "DESCENDING"
        public var description: String { return self.rawValue }
    }

    public enum Validation: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disable = "DISABLE"
        case enable = "ENABLE"
        case useLocalResourceSetting = "USE_LOCAL_RESOURCE_SETTING"
        public var description: String { return self.rawValue }
    }

    public enum `Protocol`: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case do53 = "Do53"
        case doh = "DoH"
        case dohfips = "DoH-FIPS"
        public var description: String { return self.rawValue }
    }

    // MARK: Shapes

    public struct AssociateFirewallRuleGroupRequest: AWSEncodableShape {
        /// A unique string that identifies the request and that allows failed requests to be
        /// 			retried without the risk of running the operation twice. CreatorRequestId
        /// 			can be any unique string, for example, a date/time stamp.
        public let creatorRequestId: String
        /// The unique identifier of the firewall rule group.
        public let firewallRuleGroupId: String
        /// If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.  When you create the association, the default setting is DISABLED.
        public let mutationProtection: MutationProtectionStatus?
        /// A name that lets you identify the association, to manage and use it.
        public let name: String
        /// The setting that determines the processing order of the rule group among the rule
        /// 			groups that you associate with the specified VPC. DNS Firewall filters VPC traffic
        /// 			starting from the rule group with the lowest numeric priority setting.  You must specify a unique priority for each rule group that you associate with a single VPC.  To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You  can change the priority setting for a rule group association after you create it. The allowed values for Priority are between 100 and 9900.
        public let priority: Int
        /// A list of the tag keys and values that you want to associate with the rule group association.
        public let tags: [Tag]?
        /// The unique identifier of the VPC that you want to associate with the rule group.
        public let vpcId: String

        @inlinable
        public init(creatorRequestId: String = AssociateFirewallRuleGroupRequest.idempotencyToken(), firewallRuleGroupId: String, mutationProtection: MutationProtectionStatus? = nil, name: String, priority: Int, tags: [Tag]? = nil, vpcId: String) {
            self.creatorRequestId = creatorRequestId
            self.firewallRuleGroupId = firewallRuleGroupId
            self.mutationProtection = mutationProtection
            self.name = name
            self.priority = priority
            self.tags = tags
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, max: 255)
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, min: 1)
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, max: 64)
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, pattern: "^(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)$")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 200)
            try self.validate(self.vpcId, name: "vpcId", parent: name, max: 64)
            try self.validate(self.vpcId, name: "vpcId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case creatorRequestId = "CreatorRequestId"
            case firewallRuleGroupId = "FirewallRuleGroupId"
            case mutationProtection = "MutationProtection"
            case name = "Name"
            case priority = "Priority"
            case tags = "Tags"
            case vpcId = "VpcId"
        }
    }

    public struct AssociateFirewallRuleGroupResponse: AWSDecodableShape {
        /// The association that you just created. The association has an ID that you can use to
        /// 			identify it in other requests, like update and delete.
        public let firewallRuleGroupAssociation: FirewallRuleGroupAssociation?

        @inlinable
        public init(firewallRuleGroupAssociation: FirewallRuleGroupAssociation? = nil) {
            self.firewallRuleGroupAssociation = firewallRuleGroupAssociation
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroupAssociation = "FirewallRuleGroupAssociation"
        }
    }

    public struct AssociateResolverEndpointIpAddressRequest: AWSEncodableShape {
        /// Either the IPv4 address that you want to add to a Resolver endpoint or a subnet ID. If you specify a subnet ID,
        /// 			Resolver chooses an IP address for you from the available IPs in the specified subnet.
        public let ipAddress: IpAddressUpdate
        /// The ID of the Resolver endpoint that you want to associate IP addresses with.
        public let resolverEndpointId: String

        @inlinable
        public init(ipAddress: IpAddressUpdate, resolverEndpointId: String) {
            self.ipAddress = ipAddress
            self.resolverEndpointId = resolverEndpointId
        }

        public func validate(name: String) throws {
            try self.ipAddress.validate(name: "\(name).ipAddress")
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, max: 64)
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case ipAddress = "IpAddress"
            case resolverEndpointId = "ResolverEndpointId"
        }
    }

    public struct AssociateResolverEndpointIpAddressResponse: AWSDecodableShape {
        /// The response to an AssociateResolverEndpointIpAddress request.
        public let resolverEndpoint: ResolverEndpoint?

        @inlinable
        public init(resolverEndpoint: ResolverEndpoint? = nil) {
            self.resolverEndpoint = resolverEndpoint
        }

        private enum CodingKeys: String, CodingKey {
            case resolverEndpoint = "ResolverEndpoint"
        }
    }

    public struct AssociateResolverQueryLogConfigRequest: AWSEncodableShape {
        /// The ID of the query logging configuration that you want to associate a VPC with.
        public let resolverQueryLogConfigId: String
        /// The ID of an Amazon VPC that you want this query logging configuration to log queries for.  The VPCs and the query logging configuration must be in the same Region.
        public let resourceId: String

        @inlinable
        public init(resolverQueryLogConfigId: String, resourceId: String) {
            self.resolverQueryLogConfigId = resolverQueryLogConfigId
            self.resourceId = resourceId
        }

        public func validate(name: String) throws {
            try self.validate(self.resolverQueryLogConfigId, name: "resolverQueryLogConfigId", parent: name, max: 64)
            try self.validate(self.resolverQueryLogConfigId, name: "resolverQueryLogConfigId", parent: name, min: 1)
            try self.validate(self.resourceId, name: "resourceId", parent: name, max: 64)
            try self.validate(self.resourceId, name: "resourceId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resolverQueryLogConfigId = "ResolverQueryLogConfigId"
            case resourceId = "ResourceId"
        }
    }

    public struct AssociateResolverQueryLogConfigResponse: AWSDecodableShape {
        /// A complex type that contains settings for a specified association between an Amazon VPC and a query logging configuration.
        public let resolverQueryLogConfigAssociation: ResolverQueryLogConfigAssociation?

        @inlinable
        public init(resolverQueryLogConfigAssociation: ResolverQueryLogConfigAssociation? = nil) {
            self.resolverQueryLogConfigAssociation = resolverQueryLogConfigAssociation
        }

        private enum CodingKeys: String, CodingKey {
            case resolverQueryLogConfigAssociation = "ResolverQueryLogConfigAssociation"
        }
    }

    public struct AssociateResolverRuleRequest: AWSEncodableShape {
        /// A name for the association that you're creating between a Resolver rule and a VPC.
        public let name: String?
        /// The ID of the Resolver rule that you want to associate with the VPC. To list the existing Resolver rules, use
        /// 			ListResolverRules.
        public let resolverRuleId: String
        /// The ID of the VPC that you want to associate the Resolver rule with.
        public let vpcId: String

        @inlinable
        public init(name: String? = nil, resolverRuleId: String, vpcId: String) {
            self.name = name
            self.resolverRuleId = resolverRuleId
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, pattern: "^(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)$")
            try self.validate(self.resolverRuleId, name: "resolverRuleId", parent: name, max: 64)
            try self.validate(self.resolverRuleId, name: "resolverRuleId", parent: name, min: 1)
            try self.validate(self.vpcId, name: "vpcId", parent: name, max: 64)
            try self.validate(self.vpcId, name: "vpcId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case resolverRuleId = "ResolverRuleId"
            case vpcId = "VPCId"
        }
    }

    public struct AssociateResolverRuleResponse: AWSDecodableShape {
        /// Information about the AssociateResolverRule request, including the status of the request.
        public let resolverRuleAssociation: ResolverRuleAssociation?

        @inlinable
        public init(resolverRuleAssociation: ResolverRuleAssociation? = nil) {
            self.resolverRuleAssociation = resolverRuleAssociation
        }

        private enum CodingKeys: String, CodingKey {
            case resolverRuleAssociation = "ResolverRuleAssociation"
        }
    }

    public struct CreateFirewallDomainListRequest: AWSEncodableShape {
        /// A unique string that identifies the request and that allows you to retry failed requests
        /// 			without the risk of running the operation twice. CreatorRequestId can be
        /// 			any unique string, for example, a date/time stamp.
        public let creatorRequestId: String
        /// A name that lets you identify the domain list to manage and use it.
        public let name: String
        /// A list of the tag keys and values that you want to associate with the domain list.
        public let tags: [Tag]?

        @inlinable
        public init(creatorRequestId: String = CreateFirewallDomainListRequest.idempotencyToken(), name: String, tags: [Tag]? = nil) {
            self.creatorRequestId = creatorRequestId
            self.name = name
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, max: 255)
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, pattern: "^(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)$")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 200)
        }

        private enum CodingKeys: String, CodingKey {
            case creatorRequestId = "CreatorRequestId"
            case name = "Name"
            case tags = "Tags"
        }
    }

    public struct CreateFirewallDomainListResponse: AWSDecodableShape {
        /// The domain list that you just created.
        public let firewallDomainList: FirewallDomainList?

        @inlinable
        public init(firewallDomainList: FirewallDomainList? = nil) {
            self.firewallDomainList = firewallDomainList
        }

        private enum CodingKeys: String, CodingKey {
            case firewallDomainList = "FirewallDomainList"
        }
    }

    public struct CreateFirewallRuleGroupRequest: AWSEncodableShape {
        /// A unique string defined by you to identify the request. This allows you to retry failed
        /// 			requests without the risk of running the operation twice. This can be any unique string,
        /// 			for example, a timestamp.
        public let creatorRequestId: String
        /// A name that lets you identify the rule group, to manage and use it.
        public let name: String
        /// A list of the tag keys and values that you want to associate with the rule group.
        public let tags: [Tag]?

        @inlinable
        public init(creatorRequestId: String = CreateFirewallRuleGroupRequest.idempotencyToken(), name: String, tags: [Tag]? = nil) {
            self.creatorRequestId = creatorRequestId
            self.name = name
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, max: 255)
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, pattern: "^(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)$")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 200)
        }

        private enum CodingKeys: String, CodingKey {
            case creatorRequestId = "CreatorRequestId"
            case name = "Name"
            case tags = "Tags"
        }
    }

    public struct CreateFirewallRuleGroupResponse: AWSDecodableShape {
        /// A collection of rules used to filter DNS network traffic.
        public let firewallRuleGroup: FirewallRuleGroup?

        @inlinable
        public init(firewallRuleGroup: FirewallRuleGroup? = nil) {
            self.firewallRuleGroup = firewallRuleGroup
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroup = "FirewallRuleGroup"
        }
    }

    public struct CreateFirewallRuleRequest: AWSEncodableShape {
        /// The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advanced rule:    ALLOW - Permit the request to go through. Not available for DNS Firewall Advanced rules.    ALERT - Permit the request and send metrics and logs to Cloud Watch.    BLOCK - Disallow the request. This option requires additional details in the rule's BlockResponse.
        public let action: Action
        /// The DNS record's type. This determines the format of the record value that you provided in BlockOverrideDomain. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE. This setting is required if the BlockResponse setting is OVERRIDE.
        public let blockOverrideDnsType: BlockOverrideDnsType?
        /// The custom DNS record to send back in response to the query. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE. This setting is required if the BlockResponse setting is OVERRIDE.
        public let blockOverrideDomain: String?
        /// The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE. This setting is required if the BlockResponse setting is OVERRIDE.
        public let blockOverrideTtl: Int?
        /// The way that you want DNS Firewall to block the request, used with the rule action
        /// 			setting BLOCK.     NODATA - Respond indicating that the query was successful, but no response is available for it.    NXDOMAIN - Respond indicating that the domain name that's in the query doesn't exist.    OVERRIDE - Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride* settings.    This setting is required if the rule action setting is BLOCK.
        public let blockResponse: BlockResponse?
        /// 			The confidence threshold for DNS Firewall Advanced. You must provide this value when you create a DNS Firewall Advanced rule. The confidence
        /// 			level values mean:
        /// 		    LOW: Provides the highest detection rate for threats, but also increases false positives.    MEDIUM: Provides a balance between detecting threats and false positives.    HIGH: Detects only the most well corroborated threats with a low rate of false positives.
        public let confidenceThreshold: ConfidenceThreshold?
        /// A unique string that identifies the request and that allows you to retry failed requests
        /// 			without the risk of running the operation twice. CreatorRequestId can be
        /// 			any unique string, for example, a date/time stamp.
        public let creatorRequestId: String
        /// 			Use to create a DNS Firewall Advanced rule.
        ///
        public let dnsThreatProtection: DnsThreatProtection?
        /// The ID of the domain list that you want to use in the rule. Can't be used together with DnsThreatProtecton.
        public let firewallDomainListId: String?
        /// 			How you want the the rule to evaluate DNS redirection in the DNS redirection chain, such as CNAME or DNAME.
        /// 		  INSPECT_REDIRECTION_DOMAIN: (Default) inspects all domains in the redirection chain. The individual domains in the redirection chain must be
        /// 			added to the domain list.  TRUST_REDIRECTION_DOMAIN: Inspects only the first domain in the redirection chain. You don't need to add the subsequent domains in the domain in the redirection list to
        /// 			the domain list.
        public let firewallDomainRedirectionAction: FirewallDomainRedirectionAction?
        /// The unique identifier of the firewall rule group where you want to create the rule.
        public let firewallRuleGroupId: String
        /// A name that lets you identify the rule in the rule group.
        public let name: String
        /// The setting that determines the processing order of the rule in the rule group. DNS Firewall  processes the rules in a rule group by order of priority, starting from the lowest setting. You must specify a unique priority for each rule in a rule group.  To make it easier to insert rules later, leave space between the numbers, for example, use 100, 200, and so on. You  can change the priority setting for the rules in a rule group at any time.
        public let priority: Int
        /// 			The DNS query type you want the rule to evaluate. Allowed values are;
        ///
        /// 				A: Returns an IPv4 address.   AAAA: Returns an Ipv6 address.   CAA: Restricts CAs that can create SSL/TLS certifications for the domain.   CNAME: Returns another domain name.   DS: Record that identifies the DNSSEC signing key of a delegated zone.   MX: Specifies mail servers.   NAPTR: Regular-expression-based rewriting of domain names.   NS: Authoritative name servers.   PTR: Maps an IP address to a domain name.   SOA: Start of authority record for the zone.   SPF: Lists the servers authorized to send emails from a domain.   SRV: Application specific values that identify servers.   TXT: Verifies email senders and application-specific values.   A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be
        /// 				defined as TYPENUMBER, where the
        /// 				NUMBER can be 1-65334, for
        /// 				example, TYPE28. For more information, see
        /// 				List of DNS record types.
        public let qtype: String?

        @inlinable
        public init(action: Action, blockOverrideDnsType: BlockOverrideDnsType? = nil, blockOverrideDomain: String? = nil, blockOverrideTtl: Int? = nil, blockResponse: BlockResponse? = nil, confidenceThreshold: ConfidenceThreshold? = nil, creatorRequestId: String = CreateFirewallRuleRequest.idempotencyToken(), dnsThreatProtection: DnsThreatProtection? = nil, firewallDomainListId: String? = nil, firewallDomainRedirectionAction: FirewallDomainRedirectionAction? = nil, firewallRuleGroupId: String, name: String, priority: Int, qtype: String? = nil) {
            self.action = action
            self.blockOverrideDnsType = blockOverrideDnsType
            self.blockOverrideDomain = blockOverrideDomain
            self.blockOverrideTtl = blockOverrideTtl
            self.blockResponse = blockResponse
            self.confidenceThreshold = confidenceThreshold
            self.creatorRequestId = creatorRequestId
            self.dnsThreatProtection = dnsThreatProtection
            self.firewallDomainListId = firewallDomainListId
            self.firewallDomainRedirectionAction = firewallDomainRedirectionAction
            self.firewallRuleGroupId = firewallRuleGroupId
            self.name = name
            self.priority = priority
            self.qtype = qtype
        }

        public func validate(name: String) throws {
            try self.validate(self.blockOverrideDomain, name: "blockOverrideDomain", parent: name, max: 255)
            try self.validate(self.blockOverrideDomain, name: "blockOverrideDomain", parent: name, min: 1)
            try self.validate(self.blockOverrideTtl, name: "blockOverrideTtl", parent: name, max: 604800)
            try self.validate(self.blockOverrideTtl, name: "blockOverrideTtl", parent: name, min: 0)
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, max: 255)
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, min: 1)
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, max: 64)
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, min: 1)
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, max: 64)
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, pattern: "^(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)$")
            try self.validate(self.qtype, name: "qtype", parent: name, max: 16)
            try self.validate(self.qtype, name: "qtype", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case action = "Action"
            case blockOverrideDnsType = "BlockOverrideDnsType"
            case blockOverrideDomain = "BlockOverrideDomain"
            case blockOverrideTtl = "BlockOverrideTtl"
            case blockResponse = "BlockResponse"
            case confidenceThreshold = "ConfidenceThreshold"
            case creatorRequestId = "CreatorRequestId"
            case dnsThreatProtection = "DnsThreatProtection"
            case firewallDomainListId = "FirewallDomainListId"
            case firewallDomainRedirectionAction = "FirewallDomainRedirectionAction"
            case firewallRuleGroupId = "FirewallRuleGroupId"
            case name = "Name"
            case priority = "Priority"
            case qtype = "Qtype"
        }
    }

    public struct CreateFirewallRuleResponse: AWSDecodableShape {
        /// The
        /// 			firewall rule that you just created.
        public let firewallRule: FirewallRule?

        @inlinable
        public init(firewallRule: FirewallRule? = nil) {
            self.firewallRule = firewallRule
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRule = "FirewallRule"
        }
    }

    public struct CreateOutpostResolverRequest: AWSEncodableShape {
        /// A unique string that identifies the request
        /// 		and that allows failed requests to be retried without the risk of running the operation twice.   CreatorRequestId can be any unique string, for example, a date/time stamp.
        public let creatorRequestId: String
        /// Number of Amazon EC2 instances for the
        /// 		Resolver on Outpost.
        /// 		The default and minimal value is 4.
        public let instanceCount: Int?
        /// A friendly name that lets you easily find a configuration in the
        /// 		Resolver dashboard in the Route 53 console.
        public let name: String
        /// The Amazon Resource Name (ARN) of the Outpost. If you specify this, you must also specify a value for the PreferredInstanceType.
        public let outpostArn: String
        /// 		The Amazon EC2 instance type. If you specify this, you must also specify a value for the OutpostArn.
        ///
        public let preferredInstanceType: String
        /// 			A string that helps identify the Route 53 Resolvers on Outpost.
        ///
        public let tags: [Tag]?

        @inlinable
        public init(creatorRequestId: String, instanceCount: Int? = nil, name: String, outpostArn: String, preferredInstanceType: String, tags: [Tag]? = nil) {
            self.creatorRequestId = creatorRequestId
            self.instanceCount = instanceCount
            self.name = name
            self.outpostArn = outpostArn
            self.preferredInstanceType = preferredInstanceType
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, max: 255)
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, max: 255)
            try self.validate(self.name, name: "name", parent: name, min: 1)
            try self.validate(self.outpostArn, name: "outpostArn", parent: name, max: 255)
            try self.validate(self.outpostArn, name: "outpostArn", parent: name, min: 1)
            try self.validate(self.outpostArn, name: "outpostArn", parent: name, pattern: "^arn:aws([a-z-]+)?:outposts:[a-z\\d-]+:\\d{12}:outpost/op-[a-f0-9]{17}$")
            try self.validate(self.preferredInstanceType, name: "preferredInstanceType", parent: name, max: 255)
            try self.validate(self.preferredInstanceType, name: "preferredInstanceType", parent: name, min: 1)
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 200)
        }

        private enum CodingKeys: String, CodingKey {
            case creatorRequestId = "CreatorRequestId"
            case instanceCount = "InstanceCount"
            case name = "Name"
            case outpostArn = "OutpostArn"
            case preferredInstanceType = "PreferredInstanceType"
            case tags = "Tags"
        }
    }

    public struct CreateOutpostResolverResponse: AWSDecodableShape {
        /// Information about the CreateOutpostResolver
        /// 		request, including the status of the request.
        public let outpostResolver: OutpostResolver?

        @inlinable
        public init(outpostResolver: OutpostResolver? = nil) {
            self.outpostResolver = outpostResolver
        }

        private enum CodingKeys: String, CodingKey {
            case outpostResolver = "OutpostResolver"
        }
    }

    public struct CreateResolverEndpointRequest: AWSEncodableShape {
        /// A unique string that identifies the request and that allows failed requests to be retried
        /// 			without the risk of running the operation twice. CreatorRequestId can be
        /// 			any unique string, for example, a date/time stamp.
        public let creatorRequestId: String
        /// Specify the applicable value:    INBOUND: Resolver forwards DNS queries to the DNS service for a VPC from your network.    OUTBOUND: Resolver forwards DNS queries from the DNS service for a VPC to your network.    INBOUND_DELEGATION: Resolver delegates queries to Route 53 private hosted zones from your network.
        public let direction: ResolverEndpointDirection
        /// The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward
        /// 			DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC.   Even though the minimum is 1, Route 53 requires that you create at least two.
        public let ipAddresses: [IpAddressRequest]
        /// A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.
        public let name: String?
        /// The Amazon Resource Name (ARN) of the Outpost. If you specify this, you must also specify a
        /// 			value for the PreferredInstanceType.
        public let outpostArn: String?
        /// The  instance type. If you specify this, you must also specify a value for the OutpostArn.
        public let preferredInstanceType: String?
        /// 			The protocols you want to use for the endpoint. DoH-FIPS is applicable for default inbound endpoints only.
        /// 		 For a default inbound endpoint you can apply the protocols as follows:   Do53  and DoH in combination.   Do53  and DoH-FIPS in combination.   Do53 alone.   DoH alone.   DoH-FIPS alone.   None, which is treated as Do53.   For a delegation inbound endpoint you can use Do53 only. For an outbound endpoint you can apply the protocols as follows:   Do53  and DoH in combination.   Do53 alone.   DoH alone.   None, which is treated as Do53.
        public let protocols: [`Protocol`]?
        /// 			For the endpoint type you can choose either IPv4, IPv6, or dual-stack.
        /// 			A dual-stack endpoint means that it will resolve via both IPv4 and IPv6. This
        /// 			endpoint type is applied to all IP addresses.
        ///
        public let resolverEndpointType: ResolverEndpointType?
        /// The ID of one or more security groups that you want to use to control access to this VPC. The security group that you specify
        /// 			must include one or more inbound rules (for inbound Resolver endpoints) or outbound rules (for outbound Resolver endpoints).
        /// 			Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port
        /// 			that you're using for DNS queries on your network. Some security group rules will cause your connection to be tracked. For outbound resolver endpoint, it can potentially impact the
        /// 			maximum queries per second from outbound endpoint to your target name server. For inbound resolver endpoint, it can bring down the overall maximum queries per second per IP address to as low as 1500.
        /// 			To avoid connection tracking caused by security group, see
        /// 			Untracked connections.
        public let securityGroupIds: [String]
        /// A list of the tag keys and values that you want to associate with the endpoint.
        public let tags: [Tag]?

        @inlinable
        public init(creatorRequestId: String, direction: ResolverEndpointDirection, ipAddresses: [IpAddressRequest], name: String? = nil, outpostArn: String? = nil, preferredInstanceType: String? = nil, protocols: [`Protocol`]? = nil, resolverEndpointType: ResolverEndpointType? = nil, securityGroupIds: [String], tags: [Tag]? = nil) {
            self.creatorRequestId = creatorRequestId
            self.direction = direction
            self.ipAddresses = ipAddresses
            self.name = name
            self.outpostArn = outpostArn
            self.preferredInstanceType = preferredInstanceType
            self.protocols = protocols
            self.resolverEndpointType = resolverEndpointType
            self.securityGroupIds = securityGroupIds
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, max: 255)
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, min: 1)
            try self.ipAddresses.forEach {
                try $0.validate(name: "\(name).ipAddresses[]")
            }
            try self.validate(self.ipAddresses, name: "ipAddresses", parent: name, max: 20)
            try self.validate(self.ipAddresses, name: "ipAddresses", parent: name, min: 2)
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, pattern: "^(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)$")
            try self.validate(self.outpostArn, name: "outpostArn", parent: name, max: 255)
            try self.validate(self.outpostArn, name: "outpostArn", parent: name, min: 1)
            try self.validate(self.outpostArn, name: "outpostArn", parent: name, pattern: "^arn:aws([a-z-]+)?:outposts:[a-z\\d-]+:\\d{12}:outpost/op-[a-f0-9]{17}$")
            try self.validate(self.preferredInstanceType, name: "preferredInstanceType", parent: name, max: 255)
            try self.validate(self.preferredInstanceType, name: "preferredInstanceType", parent: name, min: 1)
            try self.validate(self.protocols, name: "protocols", parent: name, max: 2)
            try self.validate(self.protocols, name: "protocols", parent: name, min: 1)
            try self.securityGroupIds.forEach {
                try validate($0, name: "securityGroupIds[]", parent: name, max: 64)
                try validate($0, name: "securityGroupIds[]", parent: name, min: 1)
            }
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 200)
        }

        private enum CodingKeys: String, CodingKey {
            case creatorRequestId = "CreatorRequestId"
            case direction = "Direction"
            case ipAddresses = "IpAddresses"
            case name = "Name"
            case outpostArn = "OutpostArn"
            case preferredInstanceType = "PreferredInstanceType"
            case protocols = "Protocols"
            case resolverEndpointType = "ResolverEndpointType"
            case securityGroupIds = "SecurityGroupIds"
            case tags = "Tags"
        }
    }

    public struct CreateResolverEndpointResponse: AWSDecodableShape {
        /// Information about the CreateResolverEndpoint request, including the status of the request.
        public let resolverEndpoint: ResolverEndpoint?

        @inlinable
        public init(resolverEndpoint: ResolverEndpoint? = nil) {
            self.resolverEndpoint = resolverEndpoint
        }

        private enum CodingKeys: String, CodingKey {
            case resolverEndpoint = "ResolverEndpoint"
        }
    }

    public struct CreateResolverQueryLogConfigRequest: AWSEncodableShape {
        /// A unique string that identifies the request and that allows failed requests to be retried
        /// 			without the risk of running the operation twice. CreatorRequestId can be
        /// 			any unique string, for example, a date/time stamp.
        public let creatorRequestId: String
        /// The ARN of the resource that you want Resolver to send query logs. You can send query logs to an S3 bucket, a CloudWatch Logs log group,
        /// 			or a Kinesis Data Firehose delivery stream. Examples of valid values include the following:    S3 bucket:   arn:aws:s3:::amzn-s3-demo-bucket  You can optionally append a file prefix to the end of the ARN.  arn:aws:s3:::amzn-s3-demo-bucket/development/     CloudWatch Logs log group:   arn:aws:logs:us-west-1:123456789012:log-group:/mystack-testgroup-12ABC1AB12A1:*     Kinesis Data Firehose delivery stream:  arn:aws:kinesis:us-east-2:0123456789:stream/my_stream_name
        public let destinationArn: String
        /// The name that you want to give the query logging configuration.
        public let name: String
        /// A list of the tag keys and values that you want to associate with the query logging configuration.
        public let tags: [Tag]?

        @inlinable
        public init(creatorRequestId: String = CreateResolverQueryLogConfigRequest.idempotencyToken(), destinationArn: String, name: String, tags: [Tag]? = nil) {
            self.creatorRequestId = creatorRequestId
            self.destinationArn = destinationArn
            self.name = name
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, max: 255)
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, min: 1)
            try self.validate(self.destinationArn, name: "destinationArn", parent: name, max: 600)
            try self.validate(self.destinationArn, name: "destinationArn", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, pattern: "^(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)$")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 200)
        }

        private enum CodingKeys: String, CodingKey {
            case creatorRequestId = "CreatorRequestId"
            case destinationArn = "DestinationArn"
            case name = "Name"
            case tags = "Tags"
        }
    }

    public struct CreateResolverQueryLogConfigResponse: AWSDecodableShape {
        /// Information about the CreateResolverQueryLogConfig request, including the status of the request.
        public let resolverQueryLogConfig: ResolverQueryLogConfig?

        @inlinable
        public init(resolverQueryLogConfig: ResolverQueryLogConfig? = nil) {
            self.resolverQueryLogConfig = resolverQueryLogConfig
        }

        private enum CodingKeys: String, CodingKey {
            case resolverQueryLogConfig = "ResolverQueryLogConfig"
        }
    }

    public struct CreateResolverRuleRequest: AWSEncodableShape {
        /// A unique string that identifies the request and that allows failed requests to be retried
        /// 			without the risk of running the operation twice. CreatorRequestId can be
        /// 			any unique string, for example, a date/time stamp.
        public let creatorRequestId: String
        /// 			DNS queries with the delegation records that match this domain name are forwarded to the resolvers on your
        /// 			network.
        ///
        public let delegationRecord: String?
        /// DNS queries for this domain name are forwarded to the IP addresses that you specify in TargetIps. If a query matches
        /// 			multiple Resolver rules (example.com and www.example.com), outbound DNS queries are routed using the Resolver rule that contains
        /// 			the most specific domain name (www.example.com).
        public let domainName: String?
        /// A friendly name that lets you easily find a rule in the Resolver dashboard in the Route 53 console.
        public let name: String?
        /// The ID of the outbound Resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify
        /// 			in TargetIps.
        public let resolverEndpointId: String?
        /// When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD or DELEGATE. When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for
        /// 			a subdomain of that domain, specify SYSTEM. For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD
        /// 			for RuleType. To then have Resolver process queries for apex.example.com, you create a rule and specify
        /// 			SYSTEM for RuleType. Currently, only Resolver can create rules that have a value of RECURSIVE for RuleType.
        public let ruleType: RuleTypeOption
        /// A list of the tag keys and values that you want to associate with the endpoint.
        public let tags: [Tag]?
        /// The IPs that you want Resolver to forward DNS queries to. You can specify either Ipv4 or Ipv6 addresses but not both in the same rule. Separate IP addresses with a space.  TargetIps is available only when the value of Rule type is FORWARD.
        public let targetIps: [TargetAddress]?

        @inlinable
        public init(creatorRequestId: String, delegationRecord: String? = nil, domainName: String? = nil, name: String? = nil, resolverEndpointId: String? = nil, ruleType: RuleTypeOption, tags: [Tag]? = nil, targetIps: [TargetAddress]? = nil) {
            self.creatorRequestId = creatorRequestId
            self.delegationRecord = delegationRecord
            self.domainName = domainName
            self.name = name
            self.resolverEndpointId = resolverEndpointId
            self.ruleType = ruleType
            self.tags = tags
            self.targetIps = targetIps
        }

        public func validate(name: String) throws {
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, max: 255)
            try self.validate(self.creatorRequestId, name: "creatorRequestId", parent: name, min: 1)
            try self.validate(self.delegationRecord, name: "delegationRecord", parent: name, max: 256)
            try self.validate(self.delegationRecord, name: "delegationRecord", parent: name, min: 1)
            try self.validate(self.domainName, name: "domainName", parent: name, max: 256)
            try self.validate(self.domainName, name: "domainName", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, pattern: "^(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)$")
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, max: 64)
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, min: 1)
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 200)
            try self.targetIps?.forEach {
                try $0.validate(name: "\(name).targetIps[]")
            }
            try self.validate(self.targetIps, name: "targetIps", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case creatorRequestId = "CreatorRequestId"
            case delegationRecord = "DelegationRecord"
            case domainName = "DomainName"
            case name = "Name"
            case resolverEndpointId = "ResolverEndpointId"
            case ruleType = "RuleType"
            case tags = "Tags"
            case targetIps = "TargetIps"
        }
    }

    public struct CreateResolverRuleResponse: AWSDecodableShape {
        /// Information about the CreateResolverRule request, including the status of the request.
        public let resolverRule: ResolverRule?

        @inlinable
        public init(resolverRule: ResolverRule? = nil) {
            self.resolverRule = resolverRule
        }

        private enum CodingKeys: String, CodingKey {
            case resolverRule = "ResolverRule"
        }
    }

    public struct DeleteFirewallDomainListRequest: AWSEncodableShape {
        /// The ID of the domain list that you want to delete.
        public let firewallDomainListId: String

        @inlinable
        public init(firewallDomainListId: String) {
            self.firewallDomainListId = firewallDomainListId
        }

        public func validate(name: String) throws {
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, max: 64)
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case firewallDomainListId = "FirewallDomainListId"
        }
    }

    public struct DeleteFirewallDomainListResponse: AWSDecodableShape {
        /// The domain list that you just deleted.
        public let firewallDomainList: FirewallDomainList?

        @inlinable
        public init(firewallDomainList: FirewallDomainList? = nil) {
            self.firewallDomainList = firewallDomainList
        }

        private enum CodingKeys: String, CodingKey {
            case firewallDomainList = "FirewallDomainList"
        }
    }

    public struct DeleteFirewallRuleGroupRequest: AWSEncodableShape {
        /// The unique identifier of the firewall rule group that you want to delete.
        public let firewallRuleGroupId: String

        @inlinable
        public init(firewallRuleGroupId: String) {
            self.firewallRuleGroupId = firewallRuleGroupId
        }

        public func validate(name: String) throws {
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, max: 64)
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroupId = "FirewallRuleGroupId"
        }
    }

    public struct DeleteFirewallRuleGroupResponse: AWSDecodableShape {
        /// A collection of rules used to filter DNS network traffic.
        public let firewallRuleGroup: FirewallRuleGroup?

        @inlinable
        public init(firewallRuleGroup: FirewallRuleGroup? = nil) {
            self.firewallRuleGroup = firewallRuleGroup
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroup = "FirewallRuleGroup"
        }
    }

    public struct DeleteFirewallRuleRequest: AWSEncodableShape {
        /// The ID of the domain list that's used in the rule.
        public let firewallDomainListId: String?
        /// The unique identifier of the firewall rule group that you want to delete the rule from.
        public let firewallRuleGroupId: String
        /// 			The ID that is created for a DNS Firewall Advanced rule.
        ///
        public let firewallThreatProtectionId: String?
        /// 			The DNS query type that the rule you are deleting evaluates. Allowed values are;
        ///
        /// 				A: Returns an IPv4 address.   AAAA: Returns an Ipv6 address.   CAA: Restricts CAs that can create SSL/TLS certifications for the domain.   CNAME: Returns another domain name.   DS: Record that identifies the DNSSEC signing key of a delegated zone.   MX: Specifies mail servers.   NAPTR: Regular-expression-based rewriting of domain names.   NS: Authoritative name servers.   PTR: Maps an IP address to a domain name.   SOA: Start of authority record for the zone.   SPF: Lists the servers authorized to send emails from a domain.   SRV: Application specific values that identify servers.   TXT: Verifies email senders and application-specific values.   A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be
        /// 				defined as TYPENUMBER, where the
        /// 				NUMBER can be 1-65334, for
        /// 				example, TYPE28. For more information, see
        /// 				List of DNS record types.
        public let qtype: String?

        @inlinable
        public init(firewallDomainListId: String? = nil, firewallRuleGroupId: String, firewallThreatProtectionId: String? = nil, qtype: String? = nil) {
            self.firewallDomainListId = firewallDomainListId
            self.firewallRuleGroupId = firewallRuleGroupId
            self.firewallThreatProtectionId = firewallThreatProtectionId
            self.qtype = qtype
        }

        public func validate(name: String) throws {
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, max: 64)
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, min: 1)
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, max: 64)
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, min: 1)
            try self.validate(self.firewallThreatProtectionId, name: "firewallThreatProtectionId", parent: name, max: 64)
            try self.validate(self.firewallThreatProtectionId, name: "firewallThreatProtectionId", parent: name, min: 1)
            try self.validate(self.qtype, name: "qtype", parent: name, max: 16)
            try self.validate(self.qtype, name: "qtype", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case firewallDomainListId = "FirewallDomainListId"
            case firewallRuleGroupId = "FirewallRuleGroupId"
            case firewallThreatProtectionId = "FirewallThreatProtectionId"
            case qtype = "Qtype"
        }
    }

    public struct DeleteFirewallRuleResponse: AWSDecodableShape {
        /// The specification for the firewall rule that you just deleted.
        public let firewallRule: FirewallRule?

        @inlinable
        public init(firewallRule: FirewallRule? = nil) {
            self.firewallRule = firewallRule
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRule = "FirewallRule"
        }
    }

    public struct DeleteOutpostResolverRequest: AWSEncodableShape {
        /// A unique string that identifies the Resolver on the Outpost.
        public let id: String

        @inlinable
        public init(id: String) {
            self.id = id
        }

        public func validate(name: String) throws {
            try self.validate(self.id, name: "id", parent: name, max: 64)
            try self.validate(self.id, name: "id", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case id = "Id"
        }
    }

    public struct DeleteOutpostResolverResponse: AWSDecodableShape {
        /// Information about the DeleteOutpostResolver
        /// 		request, including the status of the request.
        public let outpostResolver: OutpostResolver?

        @inlinable
        public init(outpostResolver: OutpostResolver? = nil) {
            self.outpostResolver = outpostResolver
        }

        private enum CodingKeys: String, CodingKey {
            case outpostResolver = "OutpostResolver"
        }
    }

    public struct DeleteResolverEndpointRequest: AWSEncodableShape {
        /// The ID of the Resolver endpoint that you want to delete.
        public let resolverEndpointId: String

        @inlinable
        public init(resolverEndpointId: String) {
            self.resolverEndpointId = resolverEndpointId
        }

        public func validate(name: String) throws {
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, max: 64)
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resolverEndpointId = "ResolverEndpointId"
        }
    }

    public struct DeleteResolverEndpointResponse: AWSDecodableShape {
        /// Information about the DeleteResolverEndpoint request, including the status of the request.
        public let resolverEndpoint: ResolverEndpoint?

        @inlinable
        public init(resolverEndpoint: ResolverEndpoint? = nil) {
            self.resolverEndpoint = resolverEndpoint
        }

        private enum CodingKeys: String, CodingKey {
            case resolverEndpoint = "ResolverEndpoint"
        }
    }

    public struct DeleteResolverQueryLogConfigRequest: AWSEncodableShape {
        /// The ID of the query logging configuration that you want to delete.
        public let resolverQueryLogConfigId: String

        @inlinable
        public init(resolverQueryLogConfigId: String) {
            self.resolverQueryLogConfigId = resolverQueryLogConfigId
        }

        public func validate(name: String) throws {
            try self.validate(self.resolverQueryLogConfigId, name: "resolverQueryLogConfigId", parent: name, max: 64)
            try self.validate(self.resolverQueryLogConfigId, name: "resolverQueryLogConfigId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resolverQueryLogConfigId = "ResolverQueryLogConfigId"
        }
    }

    public struct DeleteResolverQueryLogConfigResponse: AWSDecodableShape {
        /// Information about the query logging configuration that you deleted, including the status of the request.
        public let resolverQueryLogConfig: ResolverQueryLogConfig?

        @inlinable
        public init(resolverQueryLogConfig: ResolverQueryLogConfig? = nil) {
            self.resolverQueryLogConfig = resolverQueryLogConfig
        }

        private enum CodingKeys: String, CodingKey {
            case resolverQueryLogConfig = "ResolverQueryLogConfig"
        }
    }

    public struct DeleteResolverRuleRequest: AWSEncodableShape {
        /// The ID of the Resolver rule that you want to delete.
        public let resolverRuleId: String

        @inlinable
        public init(resolverRuleId: String) {
            self.resolverRuleId = resolverRuleId
        }

        public func validate(name: String) throws {
            try self.validate(self.resolverRuleId, name: "resolverRuleId", parent: name, max: 64)
            try self.validate(self.resolverRuleId, name: "resolverRuleId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resolverRuleId = "ResolverRuleId"
        }
    }

    public struct DeleteResolverRuleResponse: AWSDecodableShape {
        /// Information about the DeleteResolverRule request, including the status of the request.
        public let resolverRule: ResolverRule?

        @inlinable
        public init(resolverRule: ResolverRule? = nil) {
            self.resolverRule = resolverRule
        }

        private enum CodingKeys: String, CodingKey {
            case resolverRule = "ResolverRule"
        }
    }

    public struct DisassociateFirewallRuleGroupRequest: AWSEncodableShape {
        /// The identifier of the FirewallRuleGroupAssociation.
        public let firewallRuleGroupAssociationId: String

        @inlinable
        public init(firewallRuleGroupAssociationId: String) {
            self.firewallRuleGroupAssociationId = firewallRuleGroupAssociationId
        }

        public func validate(name: String) throws {
            try self.validate(self.firewallRuleGroupAssociationId, name: "firewallRuleGroupAssociationId", parent: name, max: 64)
            try self.validate(self.firewallRuleGroupAssociationId, name: "firewallRuleGroupAssociationId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroupAssociationId = "FirewallRuleGroupAssociationId"
        }
    }

    public struct DisassociateFirewallRuleGroupResponse: AWSDecodableShape {
        /// The firewall rule group association that you just removed.
        public let firewallRuleGroupAssociation: FirewallRuleGroupAssociation?

        @inlinable
        public init(firewallRuleGroupAssociation: FirewallRuleGroupAssociation? = nil) {
            self.firewallRuleGroupAssociation = firewallRuleGroupAssociation
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroupAssociation = "FirewallRuleGroupAssociation"
        }
    }

    public struct DisassociateResolverEndpointIpAddressRequest: AWSEncodableShape {
        /// The IPv4 address that you want to remove from a Resolver endpoint.
        public let ipAddress: IpAddressUpdate
        /// The ID of the Resolver endpoint that you want to disassociate an IP address from.
        public let resolverEndpointId: String

        @inlinable
        public init(ipAddress: IpAddressUpdate, resolverEndpointId: String) {
            self.ipAddress = ipAddress
            self.resolverEndpointId = resolverEndpointId
        }

        public func validate(name: String) throws {
            try self.ipAddress.validate(name: "\(name).ipAddress")
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, max: 64)
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case ipAddress = "IpAddress"
            case resolverEndpointId = "ResolverEndpointId"
        }
    }

    public struct DisassociateResolverEndpointIpAddressResponse: AWSDecodableShape {
        /// The response to an DisassociateResolverEndpointIpAddress request.
        public let resolverEndpoint: ResolverEndpoint?

        @inlinable
        public init(resolverEndpoint: ResolverEndpoint? = nil) {
            self.resolverEndpoint = resolverEndpoint
        }

        private enum CodingKeys: String, CodingKey {
            case resolverEndpoint = "ResolverEndpoint"
        }
    }

    public struct DisassociateResolverQueryLogConfigRequest: AWSEncodableShape {
        /// The ID of the query logging configuration that you want to disassociate a specified VPC from.
        public let resolverQueryLogConfigId: String
        /// The ID of the Amazon VPC that you want to disassociate from a specified query logging configuration.
        public let resourceId: String

        @inlinable
        public init(resolverQueryLogConfigId: String, resourceId: String) {
            self.resolverQueryLogConfigId = resolverQueryLogConfigId
            self.resourceId = resourceId
        }

        public func validate(name: String) throws {
            try self.validate(self.resolverQueryLogConfigId, name: "resolverQueryLogConfigId", parent: name, max: 64)
            try self.validate(self.resolverQueryLogConfigId, name: "resolverQueryLogConfigId", parent: name, min: 1)
            try self.validate(self.resourceId, name: "resourceId", parent: name, max: 64)
            try self.validate(self.resourceId, name: "resourceId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resolverQueryLogConfigId = "ResolverQueryLogConfigId"
            case resourceId = "ResourceId"
        }
    }

    public struct DisassociateResolverQueryLogConfigResponse: AWSDecodableShape {
        /// A complex type that contains settings for the association that you deleted between an Amazon VPC and a query logging configuration.
        public let resolverQueryLogConfigAssociation: ResolverQueryLogConfigAssociation?

        @inlinable
        public init(resolverQueryLogConfigAssociation: ResolverQueryLogConfigAssociation? = nil) {
            self.resolverQueryLogConfigAssociation = resolverQueryLogConfigAssociation
        }

        private enum CodingKeys: String, CodingKey {
            case resolverQueryLogConfigAssociation = "ResolverQueryLogConfigAssociation"
        }
    }

    public struct DisassociateResolverRuleRequest: AWSEncodableShape {
        /// The ID of the Resolver rule that you want to disassociate from the specified VPC.
        public let resolverRuleId: String
        /// The ID of the VPC that you want to disassociate the Resolver rule from.
        public let vpcId: String

        @inlinable
        public init(resolverRuleId: String, vpcId: String) {
            self.resolverRuleId = resolverRuleId
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.validate(self.resolverRuleId, name: "resolverRuleId", parent: name, max: 64)
            try self.validate(self.resolverRuleId, name: "resolverRuleId", parent: name, min: 1)
            try self.validate(self.vpcId, name: "vpcId", parent: name, max: 64)
            try self.validate(self.vpcId, name: "vpcId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resolverRuleId = "ResolverRuleId"
            case vpcId = "VPCId"
        }
    }

    public struct DisassociateResolverRuleResponse: AWSDecodableShape {
        /// Information about the DisassociateResolverRule request, including the status of the request.
        public let resolverRuleAssociation: ResolverRuleAssociation?

        @inlinable
        public init(resolverRuleAssociation: ResolverRuleAssociation? = nil) {
            self.resolverRuleAssociation = resolverRuleAssociation
        }

        private enum CodingKeys: String, CodingKey {
            case resolverRuleAssociation = "ResolverRuleAssociation"
        }
    }

    public struct Filter: AWSEncodableShape {
        /// The name of the parameter that you want to use to filter objects. The valid values for Name depend on the action that you're including the filter in,
        /// 			ListResolverEndpoints,
        /// 			ListResolverRules,
        /// 			ListResolverRuleAssociations,
        /// 			ListResolverQueryLogConfigs,
        /// 			or
        /// 			ListResolverQueryLogConfigAssociations.  In early versions of Resolver, values for Name were listed as uppercase, with underscore (_) delimiters. For example,
        /// 				CreatorRequestId was originally listed as CREATOR_REQUEST_ID. Uppercase values for Name are still supported.   ListResolverEndpoints  Valid values for Name include the following:    CreatorRequestId: The value that you specified when you created the Resolver endpoint.    Direction: Whether you want to return inbound or outbound Resolver endpoints. If you specify DIRECTION
        /// 				for Name, specify INBOUND or OUTBOUND for Values.    HostVPCId: The ID of the VPC that inbound DNS queries pass through on the way from your network to your VPCs in a region, or
        /// 				the VPC that outbound queries pass through on the way from your VPCs to your network. In a
        /// 				CreateResolverEndpoint
        /// 				request, SubnetId indirectly identifies the VPC. In a
        /// 				GetResolverEndpoint
        /// 				request, the VPC ID for a Resolver endpoint
        /// 				is returned in the HostVPCId element.     IpAddressCount: The number of IP addresses that you have associated with the Resolver endpoint.    Name: The name of the Resolver endpoint.    SecurityGroupIds: The IDs of the VPC security groups that you specified when you created the
        /// 				Resolver endpoint.    Status: The status of the Resolver endpoint. If you specify Status for Name,
        /// 				specify one of the following status codes for Values: CREATING, OPERATIONAL, UPDATING,
        /// 				AUTO_RECOVERING, ACTION_NEEDED, or DELETING. For more information, see Status in
        /// 				ResolverEndpoint.    ListResolverRules  Valid values for Name include the following:    CreatorRequestId: The value that you specified when you created the Resolver rule.    DomainName: The domain name for which Resolver is forwarding DNS queries to your network. In the value that
        /// 				you specify for Values, include a trailing dot (.) after the domain name. For example, if the domain name is example.com,
        /// 				specify the following value. Note the "." after com:  example.com.     Name: The name of the Resolver rule.    ResolverEndpointId: The ID of the Resolver endpoint that the Resolver rule is associated with.  You can filter on the Resolver endpoint only for rules that have a value of FORWARD for
        /// 					RuleType.     Status: The status of the Resolver rule. If you specify Status for Name,
        /// 				specify one of the following status codes for Values: COMPLETE, DELETING, UPDATING,
        /// 				or FAILED.    Type: The type of the Resolver rule. If you specify TYPE
        /// 				for Name, specify FORWARD or SYSTEM for Values.    ListResolverRuleAssociations  Valid values for Name include the following:    Name: The name of the Resolver rule association.    ResolverRuleId: The ID of the Resolver rule that is associated with one or more VPCs.    Status: The status of the Resolver rule association. If you specify Status for Name,
        /// 				specify one of the following status codes for Values: CREATING, COMPLETE, DELETING, or
        /// 				FAILED.    VPCId: The ID of the VPC that the Resolver rule is associated with.    ListResolverQueryLogConfigs  Valid values for Name include the following:    Arn: The ARN for the query logging configuration.    AssociationCount: The number of VPCs that are associated with the query logging configuration.    CreationTime: The date and time that the query logging configuration was created, in Unix time format and
        /// 				Coordinated Universal Time (UTC).     CreatorRequestId: A unique string that identifies the request that created the query logging configuration.    Destination: The Amazon Web Services service that you want to forward query logs to. Valid values include the following:    S3     CloudWatchLogs     KinesisFirehose       DestinationArn: The ARN of the location that Resolver is sending query logs to. This value can be the ARN for an
        /// 				S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.    Id: The ID of the query logging configuration    Name: The name of the query logging configuration    OwnerId: The Amazon Web Services account ID for the account that created the query logging configuration.    ShareStatus: An indication of whether the query logging configuration is shared with other Amazon Web Services accounts,
        /// 				or was shared with the current account by another Amazon Web Services account. Valid values include: NOT_SHARED, SHARED_WITH_ME,
        /// 				or SHARED_BY_ME.    Status: The status of the query logging configuration. If you specify Status for Name,
        /// 				specify the applicable status code for Values: CREATING, CREATED,
        /// 				DELETING, or FAILED. For more information, see
        /// 				Status.
        /// 				    ListResolverQueryLogConfigAssociations  Valid values for Name include the following:    CreationTime: The date and time that the VPC was associated with the query logging configuration, in Unix time format and
        /// 				Coordinated Universal Time (UTC).    Error: If the value of Status is FAILED, specify the cause:
        /// 				DESTINATION_NOT_FOUND or ACCESS_DENIED.    Id: The ID of the query logging association.    ResolverQueryLogConfigId: The ID of the query logging configuration that a VPC is associated with.    ResourceId: The ID of the Amazon VPC that is associated with the query logging configuration.    Status: The status of the query logging association. If you specify Status for Name,
        /// 				specify the applicable status code for Values: CREATING, CREATED,
        /// 				DELETING, or FAILED. For more information, see
        /// 			    Status.
        ///
        public let name: String?
        /// When you're using a List operation and you want the operation to return a subset of objects, such as Resolver endpoints or Resolver rules,
        /// 			the value of the parameter that you want to use to filter objects. For example, to list only inbound Resolver endpoints, specify Direction for
        /// 			Name and specify INBOUND for Values.
        public let values: [String]?

        @inlinable
        public init(name: String? = nil, values: [String]? = nil) {
            self.name = name
            self.values = values
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, min: 1)
            try self.values?.forEach {
                try validate($0, name: "values[]", parent: name, max: 600)
                try validate($0, name: "values[]", parent: name, min: 1)
            }
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case values = "Values"
        }
    }

    public struct FirewallConfig: AWSDecodableShape {
        /// Determines how DNS Firewall operates during failures, for example when all traffic that is sent to DNS Firewall fails to receive a reply.    By default, fail open is disabled, which means the failure mode is closed. This approach favors security over availability. DNS Firewall returns a failure error when it is unable to properly evaluate a query.    If you enable this option, the failure mode is open. This approach favors availability over security. DNS Firewall allows queries to proceed if it  is unable to properly evaluate them.    This behavior is only enforced for VPCs that have at least one DNS Firewall rule group association.
        public let firewallFailOpen: FirewallFailOpenStatus?
        /// The ID of the firewall configuration.
        public let id: String?
        /// The Amazon Web Services account ID of the owner of the VPC that this firewall configuration applies to.
        public let ownerId: String?
        /// The ID of the VPC that this firewall configuration applies to.
        public let resourceId: String?

        @inlinable
        public init(firewallFailOpen: FirewallFailOpenStatus? = nil, id: String? = nil, ownerId: String? = nil, resourceId: String? = nil) {
            self.firewallFailOpen = firewallFailOpen
            self.id = id
            self.ownerId = ownerId
            self.resourceId = resourceId
        }

        private enum CodingKeys: String, CodingKey {
            case firewallFailOpen = "FirewallFailOpen"
            case id = "Id"
            case ownerId = "OwnerId"
            case resourceId = "ResourceId"
        }
    }

    public struct FirewallDomainList: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the firewall domain list.
        public let arn: String?
        /// The date and time that the domain list was created, in Unix time format and Coordinated Universal Time (UTC).
        public let creationTime: String?
        /// A unique string defined by you to identify the request. This allows you to retry failed
        /// 			requests without the risk of running the operation twice. This can be any unique string,
        /// 			for example, a timestamp.
        public let creatorRequestId: String?
        /// The number of domain names that are specified in the domain list.
        public let domainCount: Int?
        /// The ID of the domain list.
        public let id: String?
        /// The owner of the list, used only for lists that are not managed by you. For example, the managed domain list AWSManagedDomainsMalwareDomainList has the managed owner name Route 53 Resolver DNS Firewall.
        public let managedOwnerName: String?
        /// The date and time that the domain list was last modified, in Unix time format and Coordinated Universal Time (UTC).
        public let modificationTime: String?
        /// The name of the domain list.
        public let name: String?
        /// The status of the domain list.
        public let status: FirewallDomainListStatus?
        /// Additional information about the status of the list, if available.
        public let statusMessage: String?

        @inlinable
        public init(arn: String? = nil, creationTime: String? = nil, creatorRequestId: String? = nil, domainCount: Int? = nil, id: String? = nil, managedOwnerName: String? = nil, modificationTime: String? = nil, name: String? = nil, status: FirewallDomainListStatus? = nil, statusMessage: String? = nil) {
            self.arn = arn
            self.creationTime = creationTime
            self.creatorRequestId = creatorRequestId
            self.domainCount = domainCount
            self.id = id
            self.managedOwnerName = managedOwnerName
            self.modificationTime = modificationTime
            self.name = name
            self.status = status
            self.statusMessage = statusMessage
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case creationTime = "CreationTime"
            case creatorRequestId = "CreatorRequestId"
            case domainCount = "DomainCount"
            case id = "Id"
            case managedOwnerName = "ManagedOwnerName"
            case modificationTime = "ModificationTime"
            case name = "Name"
            case status = "Status"
            case statusMessage = "StatusMessage"
        }
    }

    public struct FirewallDomainListMetadata: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the firewall domain list metadata.
        public let arn: String?
        /// A unique string defined by you to identify the request. This allows you to retry failed
        /// 			requests without the risk of running the operation twice. This can be any unique string,
        /// 			for example, a timestamp.
        public let creatorRequestId: String?
        /// The ID of the domain list.
        public let id: String?
        /// The owner of the list, used only for lists that are not managed by you. For example, the managed domain list AWSManagedDomainsMalwareDomainList has the managed owner name Route 53 Resolver DNS Firewall.
        public let managedOwnerName: String?
        /// The name of the domain list.
        public let name: String?

        @inlinable
        public init(arn: String? = nil, creatorRequestId: String? = nil, id: String? = nil, managedOwnerName: String? = nil, name: String? = nil) {
            self.arn = arn
            self.creatorRequestId = creatorRequestId
            self.id = id
            self.managedOwnerName = managedOwnerName
            self.name = name
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case creatorRequestId = "CreatorRequestId"
            case id = "Id"
            case managedOwnerName = "ManagedOwnerName"
            case name = "Name"
        }
    }

    public struct FirewallRule: AWSDecodableShape {
        /// The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advanced rule:    ALLOW - Permit the request to go through. Not available for DNS Firewall Advanced rules.    ALERT - Permit the request to go through but send an alert to the logs.    BLOCK - Disallow the request. If this is specified, additional handling details are provided in the rule's BlockResponse setting.
        public let action: Action?
        /// The DNS record's type. This determines the format of the record value that you provided in BlockOverrideDomain. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.
        public let blockOverrideDnsType: BlockOverrideDnsType?
        /// The custom DNS record to send back in response to the query. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.
        public let blockOverrideDomain: String?
        /// The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.
        public let blockOverrideTtl: Int?
        /// The way that you want DNS Firewall to block the request. Used for the rule action setting BLOCK.    NODATA - Respond indicating that the query was successful, but no response is available for it.    NXDOMAIN - Respond indicating that the domain name that's in the query doesn't exist.    OVERRIDE - Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride* settings.
        public let blockResponse: BlockResponse?
        /// 			The confidence threshold for DNS Firewall Advanced. You must provide this value when you create a DNS Firewall Advanced rule. The confidence
        /// 			level values mean:
        /// 		    LOW: Provides the highest detection rate for threats, but also increases false positives.    MEDIUM: Provides a balance between detecting threats and false positives.    HIGH: Detects only the most well corroborated threats with a low rate of false positives.
        public let confidenceThreshold: ConfidenceThreshold?
        /// The date and time that the rule was created, in Unix time format and Coordinated Universal Time (UTC).
        public let creationTime: String?
        /// A unique string defined by you to identify the request. This allows you to retry failed requests  without the risk of executing the operation twice. This can be any unique string, for example, a timestamp.
        public let creatorRequestId: String?
        /// 			The type of the DNS Firewall Advanced rule. Valid values are:
        /// 		    DGA: Domain generation algorithms detection. DGAs are used by attackers to generate a large number of domains
        /// 				to to launch malware attacks.    DNS_TUNNELING: DNS tunneling detection. DNS tunneling is used by attackers to exfiltrate data from the client by using the DNS tunnel without
        /// 				making a network connection to the client.
        public let dnsThreatProtection: DnsThreatProtection?
        /// The ID of the domain list that's used in the rule.
        public let firewallDomainListId: String?
        /// 			How you want the the rule to evaluate DNS redirection in the DNS redirection chain, such as CNAME or DNAME.
        /// 		  INSPECT_REDIRECTION_DOMAIN: (Default) inspects all domains in the redirection chain. The individual domains in the redirection chain must be
        /// 			added to the domain list.  TRUST_REDIRECTION_DOMAIN: Inspects only the first domain in the redirection chain. You don't need to add the subsequent domains in the domain in the redirection list to
        /// 			the domain list.
        public let firewallDomainRedirectionAction: FirewallDomainRedirectionAction?
        /// The unique identifier of the Firewall rule group of the rule.
        public let firewallRuleGroupId: String?
        /// 			ID of the DNS Firewall Advanced rule.
        ///
        public let firewallThreatProtectionId: String?
        /// The date and time that the rule was last modified, in Unix time format and Coordinated Universal Time (UTC).
        public let modificationTime: String?
        /// The name of the rule.
        public let name: String?
        /// The priority of the rule in the rule group. This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.
        public let priority: Int?
        /// 			The DNS query type you want the rule to evaluate. Allowed values are;
        ///
        /// 				A: Returns an IPv4 address.   AAAA: Returns an Ipv6 address.   CAA: Restricts CAs that can create SSL/TLS certifications for the domain.   CNAME: Returns another domain name.   DS: Record that identifies the DNSSEC signing key of a delegated zone.   MX: Specifies mail servers.   NAPTR: Regular-expression-based rewriting of domain names.   NS: Authoritative name servers.   PTR: Maps an IP address to a domain name.   SOA: Start of authority record for the zone.   SPF: Lists the servers authorized to send emails from a domain.   SRV: Application specific values that identify servers.   TXT: Verifies email senders and application-specific values.   A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be
        /// 				defined as TYPENUMBER, where the
        /// 				NUMBER can be 1-65334, for
        /// 				example, TYPE28. For more information, see
        /// 				List of DNS record types.
        public let qtype: String?

        @inlinable
        public init(action: Action? = nil, blockOverrideDnsType: BlockOverrideDnsType? = nil, blockOverrideDomain: String? = nil, blockOverrideTtl: Int? = nil, blockResponse: BlockResponse? = nil, confidenceThreshold: ConfidenceThreshold? = nil, creationTime: String? = nil, creatorRequestId: String? = nil, dnsThreatProtection: DnsThreatProtection? = nil, firewallDomainListId: String? = nil, firewallDomainRedirectionAction: FirewallDomainRedirectionAction? = nil, firewallRuleGroupId: String? = nil, firewallThreatProtectionId: String? = nil, modificationTime: String? = nil, name: String? = nil, priority: Int? = nil, qtype: String? = nil) {
            self.action = action
            self.blockOverrideDnsType = blockOverrideDnsType
            self.blockOverrideDomain = blockOverrideDomain
            self.blockOverrideTtl = blockOverrideTtl
            self.blockResponse = blockResponse
            self.confidenceThreshold = confidenceThreshold
            self.creationTime = creationTime
            self.creatorRequestId = creatorRequestId
            self.dnsThreatProtection = dnsThreatProtection
            self.firewallDomainListId = firewallDomainListId
            self.firewallDomainRedirectionAction = firewallDomainRedirectionAction
            self.firewallRuleGroupId = firewallRuleGroupId
            self.firewallThreatProtectionId = firewallThreatProtectionId
            self.modificationTime = modificationTime
            self.name = name
            self.priority = priority
            self.qtype = qtype
        }

        private enum CodingKeys: String, CodingKey {
            case action = "Action"
            case blockOverrideDnsType = "BlockOverrideDnsType"
            case blockOverrideDomain = "BlockOverrideDomain"
            case blockOverrideTtl = "BlockOverrideTtl"
            case blockResponse = "BlockResponse"
            case confidenceThreshold = "ConfidenceThreshold"
            case creationTime = "CreationTime"
            case creatorRequestId = "CreatorRequestId"
            case dnsThreatProtection = "DnsThreatProtection"
            case firewallDomainListId = "FirewallDomainListId"
            case firewallDomainRedirectionAction = "FirewallDomainRedirectionAction"
            case firewallRuleGroupId = "FirewallRuleGroupId"
            case firewallThreatProtectionId = "FirewallThreatProtectionId"
            case modificationTime = "ModificationTime"
            case name = "Name"
            case priority = "Priority"
            case qtype = "Qtype"
        }
    }

    public struct FirewallRuleGroup: AWSDecodableShape {
        /// The ARN (Amazon Resource Name) of the rule group.
        public let arn: String?
        /// The date and time that the rule group was created, in Unix time format and Coordinated Universal Time (UTC).
        public let creationTime: String?
        /// A unique string defined by you to identify the request. This allows you to retry failed
        /// 			requests without the risk of running the operation twice. This can be any unique string,
        /// 			for example, a timestamp.
        public let creatorRequestId: String?
        /// The ID of the rule group.
        public let id: String?
        /// The date and time that the rule group was last modified, in Unix time format and Coordinated Universal Time (UTC).
        public let modificationTime: String?
        /// The name of the rule group.
        public let name: String?
        /// The Amazon Web Services account ID for the account that created the rule group. When a rule group is shared with your account, this is the account that has shared the rule group with you.
        public let ownerId: String?
        /// The number of rules in the rule group.
        public let ruleCount: Int?
        /// Whether the rule group is shared with other Amazon Web Services accounts, or was shared with the current account by another  Amazon Web Services account. Sharing is configured through Resource Access Manager (RAM).
        public let shareStatus: ShareStatus?
        /// The status of the domain list.
        public let status: FirewallRuleGroupStatus?
        /// Additional information about the status of the rule group, if available.
        public let statusMessage: String?

        @inlinable
        public init(arn: String? = nil, creationTime: String? = nil, creatorRequestId: String? = nil, id: String? = nil, modificationTime: String? = nil, name: String? = nil, ownerId: String? = nil, ruleCount: Int? = nil, shareStatus: ShareStatus? = nil, status: FirewallRuleGroupStatus? = nil, statusMessage: String? = nil) {
            self.arn = arn
            self.creationTime = creationTime
            self.creatorRequestId = creatorRequestId
            self.id = id
            self.modificationTime = modificationTime
            self.name = name
            self.ownerId = ownerId
            self.ruleCount = ruleCount
            self.shareStatus = shareStatus
            self.status = status
            self.statusMessage = statusMessage
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case creationTime = "CreationTime"
            case creatorRequestId = "CreatorRequestId"
            case id = "Id"
            case modificationTime = "ModificationTime"
            case name = "Name"
            case ownerId = "OwnerId"
            case ruleCount = "RuleCount"
            case shareStatus = "ShareStatus"
            case status = "Status"
            case statusMessage = "StatusMessage"
        }
    }

    public struct FirewallRuleGroupAssociation: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the firewall rule group association.
        public let arn: String?
        /// The date and time that the association was created, in Unix time format and Coordinated Universal Time (UTC).
        public let creationTime: String?
        /// A unique string defined by you to identify the request. This allows you to retry failed
        /// 			requests without the risk of running the operation twice. This can be any unique string,
        /// 			for example, a timestamp.
        public let creatorRequestId: String?
        /// The unique identifier of the firewall rule group.
        public let firewallRuleGroupId: String?
        /// The identifier for the association.
        public let id: String?
        /// The owner of the association, used only for associations that are not managed by you. If you use Firewall Manager to  manage your DNS Firewalls, then this reports Firewall Manager as the managed owner.
        public let managedOwnerName: String?
        /// The date and time that the association was last modified, in Unix time format and Coordinated Universal Time (UTC).
        public let modificationTime: String?
        /// If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.
        public let mutationProtection: MutationProtectionStatus?
        /// The name of the association.
        public let name: String?
        /// The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall  filters VPC traffic starting from rule group with the lowest numeric priority setting.
        public let priority: Int?
        /// The current status of the association.
        public let status: FirewallRuleGroupAssociationStatus?
        /// Additional information about the status of the response, if available.
        public let statusMessage: String?
        /// The unique identifier of the VPC that is associated with the rule group.
        public let vpcId: String?

        @inlinable
        public init(arn: String? = nil, creationTime: String? = nil, creatorRequestId: String? = nil, firewallRuleGroupId: String? = nil, id: String? = nil, managedOwnerName: String? = nil, modificationTime: String? = nil, mutationProtection: MutationProtectionStatus? = nil, name: String? = nil, priority: Int? = nil, status: FirewallRuleGroupAssociationStatus? = nil, statusMessage: String? = nil, vpcId: String? = nil) {
            self.arn = arn
            self.creationTime = creationTime
            self.creatorRequestId = creatorRequestId
            self.firewallRuleGroupId = firewallRuleGroupId
            self.id = id
            self.managedOwnerName = managedOwnerName
            self.modificationTime = modificationTime
            self.mutationProtection = mutationProtection
            self.name = name
            self.priority = priority
            self.status = status
            self.statusMessage = statusMessage
            self.vpcId = vpcId
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case creationTime = "CreationTime"
            case creatorRequestId = "CreatorRequestId"
            case firewallRuleGroupId = "FirewallRuleGroupId"
            case id = "Id"
            case managedOwnerName = "ManagedOwnerName"
            case modificationTime = "ModificationTime"
            case mutationProtection = "MutationProtection"
            case name = "Name"
            case priority = "Priority"
            case status = "Status"
            case statusMessage = "StatusMessage"
            case vpcId = "VpcId"
        }
    }

    public struct FirewallRuleGroupMetadata: AWSDecodableShape {
        /// The ARN (Amazon Resource Name) of the rule group.
        public let arn: String?
        /// A unique string defined by you to identify the request. This allows you to retry failed
        /// 			requests without the risk of running the operation twice. This can be any unique string,
        /// 			for example, a timestamp.
        public let creatorRequestId: String?
        /// The ID of the rule group.
        public let id: String?
        /// The name of the rule group.
        public let name: String?
        /// The Amazon Web Services account ID for the account that created the rule group. When a rule group is shared with your account, this is the account that has shared the rule group with you.
        public let ownerId: String?
        /// Whether the rule group is shared with other Amazon Web Services accounts, or was shared with the current account by another  Amazon Web Services account. Sharing is configured through Resource Access Manager (RAM).
        public let shareStatus: ShareStatus?

        @inlinable
        public init(arn: String? = nil, creatorRequestId: String? = nil, id: String? = nil, name: String? = nil, ownerId: String? = nil, shareStatus: ShareStatus? = nil) {
            self.arn = arn
            self.creatorRequestId = creatorRequestId
            self.id = id
            self.name = name
            self.ownerId = ownerId
            self.shareStatus = shareStatus
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case creatorRequestId = "CreatorRequestId"
            case id = "Id"
            case name = "Name"
            case ownerId = "OwnerId"
            case shareStatus = "ShareStatus"
        }
    }

    public struct GetFirewallConfigRequest: AWSEncodableShape {
        /// The ID of the VPC from Amazon VPC that the configuration is for.
        public let resourceId: String

        @inlinable
        public init(resourceId: String) {
            self.resourceId = resourceId
        }

        public func validate(name: String) throws {
            try self.validate(self.resourceId, name: "resourceId", parent: name, max: 64)
            try self.validate(self.resourceId, name: "resourceId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resourceId = "ResourceId"
        }
    }

    public struct GetFirewallConfigResponse: AWSDecodableShape {
        /// Configuration of the firewall behavior provided by DNS Firewall for a single VPC from
        /// 			AmazonVPC.
        public let firewallConfig: FirewallConfig?

        @inlinable
        public init(firewallConfig: FirewallConfig? = nil) {
            self.firewallConfig = firewallConfig
        }

        private enum CodingKeys: String, CodingKey {
            case firewallConfig = "FirewallConfig"
        }
    }

    public struct GetFirewallDomainListRequest: AWSEncodableShape {
        /// The ID of the domain list.
        public let firewallDomainListId: String

        @inlinable
        public init(firewallDomainListId: String) {
            self.firewallDomainListId = firewallDomainListId
        }

        public func validate(name: String) throws {
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, max: 64)
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case firewallDomainListId = "FirewallDomainListId"
        }
    }

    public struct GetFirewallDomainListResponse: AWSDecodableShape {
        /// The domain list that you requested.
        public let firewallDomainList: FirewallDomainList?

        @inlinable
        public init(firewallDomainList: FirewallDomainList? = nil) {
            self.firewallDomainList = firewallDomainList
        }

        private enum CodingKeys: String, CodingKey {
            case firewallDomainList = "FirewallDomainList"
        }
    }

    public struct GetFirewallRuleGroupAssociationRequest: AWSEncodableShape {
        /// The identifier of the FirewallRuleGroupAssociation.
        public let firewallRuleGroupAssociationId: String

        @inlinable
        public init(firewallRuleGroupAssociationId: String) {
            self.firewallRuleGroupAssociationId = firewallRuleGroupAssociationId
        }

        public func validate(name: String) throws {
            try self.validate(self.firewallRuleGroupAssociationId, name: "firewallRuleGroupAssociationId", parent: name, max: 64)
            try self.validate(self.firewallRuleGroupAssociationId, name: "firewallRuleGroupAssociationId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroupAssociationId = "FirewallRuleGroupAssociationId"
        }
    }

    public struct GetFirewallRuleGroupAssociationResponse: AWSDecodableShape {
        /// The association that you requested.
        public let firewallRuleGroupAssociation: FirewallRuleGroupAssociation?

        @inlinable
        public init(firewallRuleGroupAssociation: FirewallRuleGroupAssociation? = nil) {
            self.firewallRuleGroupAssociation = firewallRuleGroupAssociation
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroupAssociation = "FirewallRuleGroupAssociation"
        }
    }

    public struct GetFirewallRuleGroupPolicyRequest: AWSEncodableShape {
        /// The ARN (Amazon Resource Name) for the rule group.
        public let arn: String

        @inlinable
        public init(arn: String) {
            self.arn = arn
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, max: 255)
            try self.validate(self.arn, name: "arn", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
        }
    }

    public struct GetFirewallRuleGroupPolicyResponse: AWSDecodableShape {
        /// The Identity and Access Management (Amazon Web Services IAM) policy for sharing the specified rule
        /// 			group. You can use the policy to share the rule group using Resource Access Manager
        /// 			(RAM).
        public let firewallRuleGroupPolicy: String?

        @inlinable
        public init(firewallRuleGroupPolicy: String? = nil) {
            self.firewallRuleGroupPolicy = firewallRuleGroupPolicy
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroupPolicy = "FirewallRuleGroupPolicy"
        }
    }

    public struct GetFirewallRuleGroupRequest: AWSEncodableShape {
        /// The unique identifier of the firewall rule group.
        public let firewallRuleGroupId: String

        @inlinable
        public init(firewallRuleGroupId: String) {
            self.firewallRuleGroupId = firewallRuleGroupId
        }

        public func validate(name: String) throws {
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, max: 64)
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroupId = "FirewallRuleGroupId"
        }
    }

    public struct GetFirewallRuleGroupResponse: AWSDecodableShape {
        /// A collection of rules used to filter DNS network traffic.
        public let firewallRuleGroup: FirewallRuleGroup?

        @inlinable
        public init(firewallRuleGroup: FirewallRuleGroup? = nil) {
            self.firewallRuleGroup = firewallRuleGroup
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroup = "FirewallRuleGroup"
        }
    }

    public struct GetOutpostResolverRequest: AWSEncodableShape {
        /// The ID of the Resolver on the Outpost.
        public let id: String

        @inlinable
        public init(id: String) {
            self.id = id
        }

        public func validate(name: String) throws {
            try self.validate(self.id, name: "id", parent: name, max: 64)
            try self.validate(self.id, name: "id", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case id = "Id"
        }
    }

    public struct GetOutpostResolverResponse: AWSDecodableShape {
        /// Information about the GetOutpostResolver
        /// 		request, including the status of the request.
        public let outpostResolver: OutpostResolver?

        @inlinable
        public init(outpostResolver: OutpostResolver? = nil) {
            self.outpostResolver = outpostResolver
        }

        private enum CodingKeys: String, CodingKey {
            case outpostResolver = "OutpostResolver"
        }
    }

    public struct GetResolverConfigRequest: AWSEncodableShape {
        /// Resource ID of the Amazon VPC that you want to get information about.
        public let resourceId: String

        @inlinable
        public init(resourceId: String) {
            self.resourceId = resourceId
        }

        public func validate(name: String) throws {
            try self.validate(self.resourceId, name: "resourceId", parent: name, max: 64)
            try self.validate(self.resourceId, name: "resourceId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resourceId = "ResourceId"
        }
    }

    public struct GetResolverConfigResponse: AWSDecodableShape {
        /// Information about the behavior configuration of Route 53 Resolver behavior for the VPC you
        /// 			specified in the GetResolverConfig request.
        public let resolverConfig: ResolverConfig?

        @inlinable
        public init(resolverConfig: ResolverConfig? = nil) {
            self.resolverConfig = resolverConfig
        }

        private enum CodingKeys: String, CodingKey {
            case resolverConfig = "ResolverConfig"
        }
    }

    public struct GetResolverDnssecConfigRequest: AWSEncodableShape {
        /// The ID of the virtual private cloud (VPC) for the DNSSEC validation status.
        public let resourceId: String

        @inlinable
        public init(resourceId: String) {
            self.resourceId = resourceId
        }

        public func validate(name: String) throws {
            try self.validate(self.resourceId, name: "resourceId", parent: name, max: 64)
            try self.validate(self.resourceId, name: "resourceId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resourceId = "ResourceId"
        }
    }

    public struct GetResolverDnssecConfigResponse: AWSDecodableShape {
        /// The information about a configuration for DNSSEC validation.
        public let resolverDNSSECConfig: ResolverDnssecConfig?

        @inlinable
        public init(resolverDNSSECConfig: ResolverDnssecConfig? = nil) {
            self.resolverDNSSECConfig = resolverDNSSECConfig
        }

        private enum CodingKeys: String, CodingKey {
            case resolverDNSSECConfig = "ResolverDNSSECConfig"
        }
    }

    public struct GetResolverEndpointRequest: AWSEncodableShape {
        /// The ID of the Resolver endpoint that you want to get information about.
        public let resolverEndpointId: String

        @inlinable
        public init(resolverEndpointId: String) {
            self.resolverEndpointId = resolverEndpointId
        }

        public func validate(name: String) throws {
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, max: 64)
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resolverEndpointId = "ResolverEndpointId"
        }
    }

    public struct GetResolverEndpointResponse: AWSDecodableShape {
        /// Information about the Resolver endpoint that you specified in a GetResolverEndpoint request.
        public let resolverEndpoint: ResolverEndpoint?

        @inlinable
        public init(resolverEndpoint: ResolverEndpoint? = nil) {
            self.resolverEndpoint = resolverEndpoint
        }

        private enum CodingKeys: String, CodingKey {
            case resolverEndpoint = "ResolverEndpoint"
        }
    }

    public struct GetResolverQueryLogConfigAssociationRequest: AWSEncodableShape {
        /// The ID of the Resolver query logging configuration association that you want to get information about.
        public let resolverQueryLogConfigAssociationId: String

        @inlinable
        public init(resolverQueryLogConfigAssociationId: String) {
            self.resolverQueryLogConfigAssociationId = resolverQueryLogConfigAssociationId
        }

        public func validate(name: String) throws {
            try self.validate(self.resolverQueryLogConfigAssociationId, name: "resolverQueryLogConfigAssociationId", parent: name, max: 64)
            try self.validate(self.resolverQueryLogConfigAssociationId, name: "resolverQueryLogConfigAssociationId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resolverQueryLogConfigAssociationId = "ResolverQueryLogConfigAssociationId"
        }
    }

    public struct GetResolverQueryLogConfigAssociationResponse: AWSDecodableShape {
        /// Information about the Resolver query logging configuration association that you specified in a GetQueryLogConfigAssociation request.
        public let resolverQueryLogConfigAssociation: ResolverQueryLogConfigAssociation?

        @inlinable
        public init(resolverQueryLogConfigAssociation: ResolverQueryLogConfigAssociation? = nil) {
            self.resolverQueryLogConfigAssociation = resolverQueryLogConfigAssociation
        }

        private enum CodingKeys: String, CodingKey {
            case resolverQueryLogConfigAssociation = "ResolverQueryLogConfigAssociation"
        }
    }

    public struct GetResolverQueryLogConfigPolicyRequest: AWSEncodableShape {
        /// The ARN of the query logging configuration that you want to get the query logging policy for.
        public let arn: String

        @inlinable
        public init(arn: String) {
            self.arn = arn
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, max: 255)
            try self.validate(self.arn, name: "arn", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
        }
    }

    public struct GetResolverQueryLogConfigPolicyResponse: AWSDecodableShape {
        /// Information about the query logging policy for the query logging configuration that you specified in a
        /// 			GetResolverQueryLogConfigPolicy request.
        public let resolverQueryLogConfigPolicy: String?

        @inlinable
        public init(resolverQueryLogConfigPolicy: String? = nil) {
            self.resolverQueryLogConfigPolicy = resolverQueryLogConfigPolicy
        }

        private enum CodingKeys: String, CodingKey {
            case resolverQueryLogConfigPolicy = "ResolverQueryLogConfigPolicy"
        }
    }

    public struct GetResolverQueryLogConfigRequest: AWSEncodableShape {
        /// The ID of the Resolver query logging configuration that you want to get information about.
        public let resolverQueryLogConfigId: String

        @inlinable
        public init(resolverQueryLogConfigId: String) {
            self.resolverQueryLogConfigId = resolverQueryLogConfigId
        }

        public func validate(name: String) throws {
            try self.validate(self.resolverQueryLogConfigId, name: "resolverQueryLogConfigId", parent: name, max: 64)
            try self.validate(self.resolverQueryLogConfigId, name: "resolverQueryLogConfigId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resolverQueryLogConfigId = "ResolverQueryLogConfigId"
        }
    }

    public struct GetResolverQueryLogConfigResponse: AWSDecodableShape {
        /// Information about the Resolver query logging configuration that you specified in a GetQueryLogConfig request.
        public let resolverQueryLogConfig: ResolverQueryLogConfig?

        @inlinable
        public init(resolverQueryLogConfig: ResolverQueryLogConfig? = nil) {
            self.resolverQueryLogConfig = resolverQueryLogConfig
        }

        private enum CodingKeys: String, CodingKey {
            case resolverQueryLogConfig = "ResolverQueryLogConfig"
        }
    }

    public struct GetResolverRuleAssociationRequest: AWSEncodableShape {
        /// The ID of the Resolver rule association that you want to get information about.
        public let resolverRuleAssociationId: String

        @inlinable
        public init(resolverRuleAssociationId: String) {
            self.resolverRuleAssociationId = resolverRuleAssociationId
        }

        public func validate(name: String) throws {
            try self.validate(self.resolverRuleAssociationId, name: "resolverRuleAssociationId", parent: name, max: 64)
            try self.validate(self.resolverRuleAssociationId, name: "resolverRuleAssociationId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resolverRuleAssociationId = "ResolverRuleAssociationId"
        }
    }

    public struct GetResolverRuleAssociationResponse: AWSDecodableShape {
        /// Information about the Resolver rule association that you specified in a GetResolverRuleAssociation request.
        public let resolverRuleAssociation: ResolverRuleAssociation?

        @inlinable
        public init(resolverRuleAssociation: ResolverRuleAssociation? = nil) {
            self.resolverRuleAssociation = resolverRuleAssociation
        }

        private enum CodingKeys: String, CodingKey {
            case resolverRuleAssociation = "ResolverRuleAssociation"
        }
    }

    public struct GetResolverRulePolicyRequest: AWSEncodableShape {
        /// The ID of the Resolver rule that you want to get the Resolver rule policy for.
        public let arn: String

        @inlinable
        public init(arn: String) {
            self.arn = arn
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, max: 255)
            try self.validate(self.arn, name: "arn", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
        }
    }

    public struct GetResolverRulePolicyResponse: AWSDecodableShape {
        /// The Resolver rule policy for the rule that you specified in a GetResolverRulePolicy request.
        public let resolverRulePolicy: String?

        @inlinable
        public init(resolverRulePolicy: String? = nil) {
            self.resolverRulePolicy = resolverRulePolicy
        }

        private enum CodingKeys: String, CodingKey {
            case resolverRulePolicy = "ResolverRulePolicy"
        }
    }

    public struct GetResolverRuleRequest: AWSEncodableShape {
        /// The ID of the Resolver rule that you want to get information about.
        public let resolverRuleId: String

        @inlinable
        public init(resolverRuleId: String) {
            self.resolverRuleId = resolverRuleId
        }

        public func validate(name: String) throws {
            try self.validate(self.resolverRuleId, name: "resolverRuleId", parent: name, max: 64)
            try self.validate(self.resolverRuleId, name: "resolverRuleId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resolverRuleId = "ResolverRuleId"
        }
    }

    public struct GetResolverRuleResponse: AWSDecodableShape {
        /// Information about the Resolver rule that you specified in a GetResolverRule request.
        public let resolverRule: ResolverRule?

        @inlinable
        public init(resolverRule: ResolverRule? = nil) {
            self.resolverRule = resolverRule
        }

        private enum CodingKeys: String, CodingKey {
            case resolverRule = "ResolverRule"
        }
    }

    public struct ImportFirewallDomainsRequest: AWSEncodableShape {
        /// The fully qualified URL or URI of the file stored in Amazon Simple Storage Service
        /// 			(Amazon S3) that contains the list of domains to import. The file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line.
        public let domainFileUrl: String
        /// The ID of the domain list that you want to modify with the import operation.
        public let firewallDomainListId: String
        /// What you want DNS Firewall to do with the domains that are listed in the file. This must be set to REPLACE, which updates the domain list to exactly match the list in the file.
        public let operation: FirewallDomainImportOperation

        @inlinable
        public init(domainFileUrl: String, firewallDomainListId: String, operation: FirewallDomainImportOperation) {
            self.domainFileUrl = domainFileUrl
            self.firewallDomainListId = firewallDomainListId
            self.operation = operation
        }

        public func validate(name: String) throws {
            try self.validate(self.domainFileUrl, name: "domainFileUrl", parent: name, max: 1024)
            try self.validate(self.domainFileUrl, name: "domainFileUrl", parent: name, min: 1)
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, max: 64)
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case domainFileUrl = "DomainFileUrl"
            case firewallDomainListId = "FirewallDomainListId"
            case operation = "Operation"
        }
    }

    public struct ImportFirewallDomainsResponse: AWSDecodableShape {
        /// The Id of the firewall domain list that DNS Firewall just updated.
        public let id: String?
        /// The name of the domain list.
        public let name: String?
        /// Status of the import request.
        public let status: FirewallDomainListStatus?
        /// Additional information about the status of the list, if available.
        public let statusMessage: String?

        @inlinable
        public init(id: String? = nil, name: String? = nil, status: FirewallDomainListStatus? = nil, statusMessage: String? = nil) {
            self.id = id
            self.name = name
            self.status = status
            self.statusMessage = statusMessage
        }

        private enum CodingKeys: String, CodingKey {
            case id = "Id"
            case name = "Name"
            case status = "Status"
            case statusMessage = "StatusMessage"
        }
    }

    public struct InvalidParameterException: AWSErrorShape {
        /// For an InvalidParameterException error, the name of the parameter that's invalid.
        public let fieldName: String?
        public let message: String

        @inlinable
        public init(fieldName: String? = nil, message: String) {
            self.fieldName = fieldName
            self.message = message
        }

        private enum CodingKeys: String, CodingKey {
            case fieldName = "FieldName"
            case message = "Message"
        }
    }

    public struct IpAddressRequest: AWSEncodableShape {
        /// The IPv4 address that you want to use for DNS queries.
        public let ip: String?
        /// 			The IPv6 address that you want to use for DNS queries.
        ///
        public let ipv6: String?
        /// The ID of the subnet that contains the IP address.
        public let subnetId: String

        @inlinable
        public init(ip: String? = nil, ipv6: String? = nil, subnetId: String) {
            self.ip = ip
            self.ipv6 = ipv6
            self.subnetId = subnetId
        }

        public func validate(name: String) throws {
            try self.validate(self.ip, name: "ip", parent: name, max: 36)
            try self.validate(self.ip, name: "ip", parent: name, min: 7)
            try self.validate(self.ipv6, name: "ipv6", parent: name, max: 39)
            try self.validate(self.ipv6, name: "ipv6", parent: name, min: 7)
            try self.validate(self.subnetId, name: "subnetId", parent: name, max: 32)
            try self.validate(self.subnetId, name: "subnetId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case ip = "Ip"
            case ipv6 = "Ipv6"
            case subnetId = "SubnetId"
        }
    }

    public struct IpAddressResponse: AWSDecodableShape {
        /// The date and time that the IP address was created, in Unix time format and Coordinated Universal Time (UTC).
        public let creationTime: String?
        /// One IPv4 address that the Resolver endpoint uses for DNS queries.
        public let ip: String?
        /// The ID of one IP address.
        public let ipId: String?
        /// 			One IPv6 address that the Resolver endpoint uses for DNS queries.
        ///
        public let ipv6: String?
        /// The date and time that the IP address was last modified, in Unix time format and Coordinated Universal Time (UTC).
        public let modificationTime: String?
        /// A status code that gives the current status of the request.
        public let status: IpAddressStatus?
        /// A message that provides additional information about the status of the request.
        public let statusMessage: String?
        /// The ID of one subnet.
        public let subnetId: String?

        @inlinable
        public init(creationTime: String? = nil, ip: String? = nil, ipId: String? = nil, ipv6: String? = nil, modificationTime: String? = nil, status: IpAddressStatus? = nil, statusMessage: String? = nil, subnetId: String? = nil) {
            self.creationTime = creationTime
            self.ip = ip
            self.ipId = ipId
            self.ipv6 = ipv6
            self.modificationTime = modificationTime
            self.status = status
            self.statusMessage = statusMessage
            self.subnetId = subnetId
        }

        private enum CodingKeys: String, CodingKey {
            case creationTime = "CreationTime"
            case ip = "Ip"
            case ipId = "IpId"
            case ipv6 = "Ipv6"
            case modificationTime = "ModificationTime"
            case status = "Status"
            case statusMessage = "StatusMessage"
            case subnetId = "SubnetId"
        }
    }

    public struct IpAddressUpdate: AWSEncodableShape {
        /// The new IPv4 address.
        public let ip: String?
        ///  Only when removing an IP address from a Resolver endpoint: The ID of the IP address that you want to remove.
        /// 			To get this ID, use
        /// 			GetResolverEndpoint.
        public let ipId: String?
        /// 			The new IPv6 address.
        ///
        public let ipv6: String?
        /// The ID of the subnet that includes the IP address that you want to update. To get this ID, use
        /// 			GetResolverEndpoint.
        public let subnetId: String?

        @inlinable
        public init(ip: String? = nil, ipId: String? = nil, ipv6: String? = nil, subnetId: String? = nil) {
            self.ip = ip
            self.ipId = ipId
            self.ipv6 = ipv6
            self.subnetId = subnetId
        }

        public func validate(name: String) throws {
            try self.validate(self.ip, name: "ip", parent: name, max: 36)
            try self.validate(self.ip, name: "ip", parent: name, min: 7)
            try self.validate(self.ipId, name: "ipId", parent: name, max: 64)
            try self.validate(self.ipId, name: "ipId", parent: name, min: 1)
            try self.validate(self.ipv6, name: "ipv6", parent: name, max: 39)
            try self.validate(self.ipv6, name: "ipv6", parent: name, min: 7)
            try self.validate(self.subnetId, name: "subnetId", parent: name, max: 32)
            try self.validate(self.subnetId, name: "subnetId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case ip = "Ip"
            case ipId = "IpId"
            case ipv6 = "Ipv6"
            case subnetId = "SubnetId"
        }
    }

    public struct LimitExceededException: AWSErrorShape {
        public let message: String?
        /// For a LimitExceededException error, the type of resource that exceeded the current limit.
        public let resourceType: String?

        @inlinable
        public init(message: String? = nil, resourceType: String? = nil) {
            self.message = message
            self.resourceType = resourceType
        }

        private enum CodingKeys: String, CodingKey {
            case message = "Message"
            case resourceType = "ResourceType"
        }
    }

    public struct ListFirewallConfigsRequest: AWSEncodableShape {
        /// The maximum number of objects that you want Resolver to return for this request. If more objects are available, in the response, Resolver provides a NextToken value that you can use in a subsequent call to get the next batch of objects. If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
        public let maxResults: Int?
        /// For the first call to this list request, omit this value. When you request a list of objects, Resolver returns at most the number of objects  specified in MaxResults. If more objects are available for retrieval, Resolver returns a NextToken value in the response. To retrieve the next  batch of objects, use the token that was returned for the prior request in your next request.
        public let nextToken: String?

        @inlinable
        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 10)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 5)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListFirewallConfigsResponse: AWSDecodableShape {
        /// The configurations for the firewall behavior provided by DNS Firewall for VPCs from
        /// 			Amazon Virtual Private Cloud (Amazon VPC).
        public let firewallConfigs: [FirewallConfig]?
        /// If objects are still available for retrieval, Resolver returns this token in the response.  To retrieve the next batch of objects, provide this token in your next request.
        public let nextToken: String?

        @inlinable
        public init(firewallConfigs: [FirewallConfig]? = nil, nextToken: String? = nil) {
            self.firewallConfigs = firewallConfigs
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case firewallConfigs = "FirewallConfigs"
            case nextToken = "NextToken"
        }
    }

    public struct ListFirewallDomainListsRequest: AWSEncodableShape {
        /// The maximum number of objects that you want Resolver to return for this request. If more objects are available, in the response, Resolver provides a NextToken value that you can use in a subsequent call to get the next batch of objects. If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
        public let maxResults: Int?
        /// For the first call to this list request, omit this value. When you request a list of objects, Resolver returns at most the number of objects  specified in MaxResults. If more objects are available for retrieval, Resolver returns a NextToken value in the response. To retrieve the next  batch of objects, use the token that was returned for the prior request in your next request.
        public let nextToken: String?

        @inlinable
        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListFirewallDomainListsResponse: AWSDecodableShape {
        /// A list of the domain lists that you have defined.    This might be a partial list of the domain lists that you've defined. For information,
        /// 			see MaxResults.
        public let firewallDomainLists: [FirewallDomainListMetadata]?
        /// If objects are still available for retrieval, Resolver returns this token in the response.  To retrieve the next batch of objects, provide this token in your next request.
        public let nextToken: String?

        @inlinable
        public init(firewallDomainLists: [FirewallDomainListMetadata]? = nil, nextToken: String? = nil) {
            self.firewallDomainLists = firewallDomainLists
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case firewallDomainLists = "FirewallDomainLists"
            case nextToken = "NextToken"
        }
    }

    public struct ListFirewallDomainsRequest: AWSEncodableShape {
        /// The ID of the domain list whose domains you want to retrieve.
        public let firewallDomainListId: String
        /// The maximum number of objects that you want Resolver to return for this request. If more objects are available, in the response, Resolver provides a NextToken value that you can use in a subsequent call to get the next batch of objects. If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
        public let maxResults: Int?
        /// For the first call to this list request, omit this value. When you request a list of objects, Resolver returns at most the number of objects  specified in MaxResults. If more objects are available for retrieval, Resolver returns a NextToken value in the response. To retrieve the next  batch of objects, use the token that was returned for the prior request in your next request.
        public let nextToken: String?

        @inlinable
        public init(firewallDomainListId: String, maxResults: Int? = nil, nextToken: String? = nil) {
            self.firewallDomainListId = firewallDomainListId
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, max: 64)
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, min: 1)
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 5000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case firewallDomainListId = "FirewallDomainListId"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListFirewallDomainsResponse: AWSDecodableShape {
        /// A list of the domains in the firewall domain list.   This might be a partial list of the domains that you've defined in the domain list. For
        /// 			information, see MaxResults.
        public let domains: [String]?
        /// If objects are still available for retrieval, Resolver returns this token in the response.  To retrieve the next batch of objects, provide this token in your next request.
        public let nextToken: String?

        @inlinable
        public init(domains: [String]? = nil, nextToken: String? = nil) {
            self.domains = domains
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case domains = "Domains"
            case nextToken = "NextToken"
        }
    }

    public struct ListFirewallRuleGroupAssociationsRequest: AWSEncodableShape {
        /// The unique identifier of the firewall rule group that you want to retrieve the associations for. Leave this blank to retrieve associations for any rule group.
        public let firewallRuleGroupId: String?
        /// The maximum number of objects that you want Resolver to return for this request. If more objects are available, in the response, Resolver provides a NextToken value that you can use in a subsequent call to get the next batch of objects. If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
        public let maxResults: Int?
        /// For the first call to this list request, omit this value. When you request a list of objects, Resolver returns at most the number of objects  specified in MaxResults. If more objects are available for retrieval, Resolver returns a NextToken value in the response. To retrieve the next  batch of objects, use the token that was returned for the prior request in your next request.
        public let nextToken: String?
        /// The setting that determines the processing order of the rule group among the rule
        /// 			groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting
        /// 			from the rule group with the lowest numeric priority setting.
        public let priority: Int?
        /// The association Status setting that you want DNS Firewall to filter on for the list. If you don't specify this, then DNS Firewall returns all associations, regardless of status.
        public let status: FirewallRuleGroupAssociationStatus?
        /// The unique identifier of the VPC that you want to retrieve the associations for. Leave this blank to retrieve associations for any VPC.
        public let vpcId: String?

        @inlinable
        public init(firewallRuleGroupId: String? = nil, maxResults: Int? = nil, nextToken: String? = nil, priority: Int? = nil, status: FirewallRuleGroupAssociationStatus? = nil, vpcId: String? = nil) {
            self.firewallRuleGroupId = firewallRuleGroupId
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.priority = priority
            self.status = status
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, max: 64)
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, min: 1)
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.vpcId, name: "vpcId", parent: name, max: 64)
            try self.validate(self.vpcId, name: "vpcId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroupId = "FirewallRuleGroupId"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case priority = "Priority"
            case status = "Status"
            case vpcId = "VpcId"
        }
    }

    public struct ListFirewallRuleGroupAssociationsResponse: AWSDecodableShape {
        /// A list of your firewall rule group associations. This might be a partial list of the associations that you have defined. For information, see MaxResults.
        public let firewallRuleGroupAssociations: [FirewallRuleGroupAssociation]?
        /// If objects are still available for retrieval, Resolver returns this token in the response.  To retrieve the next batch of objects, provide this token in your next request.
        public let nextToken: String?

        @inlinable
        public init(firewallRuleGroupAssociations: [FirewallRuleGroupAssociation]? = nil, nextToken: String? = nil) {
            self.firewallRuleGroupAssociations = firewallRuleGroupAssociations
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroupAssociations = "FirewallRuleGroupAssociations"
            case nextToken = "NextToken"
        }
    }

    public struct ListFirewallRuleGroupsRequest: AWSEncodableShape {
        /// The maximum number of objects that you want Resolver to return for this request. If more objects are available, in the response, Resolver provides a NextToken value that you can use in a subsequent call to get the next batch of objects. If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
        public let maxResults: Int?
        /// For the first call to this list request, omit this value. When you request a list of objects, Resolver returns at most the number of objects  specified in MaxResults. If more objects are available for retrieval, Resolver returns a NextToken value in the response. To retrieve the next  batch of objects, use the token that was returned for the prior request in your next request.
        public let nextToken: String?

        @inlinable
        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListFirewallRuleGroupsResponse: AWSDecodableShape {
        /// A list of your firewall rule groups. This might be a partial list of the rule groups that you have defined. For information, see MaxResults.
        public let firewallRuleGroups: [FirewallRuleGroupMetadata]?
        /// If objects are still available for retrieval, Resolver returns this token in the response.  To retrieve the next batch of objects, provide this token in your next request.
        public let nextToken: String?

        @inlinable
        public init(firewallRuleGroups: [FirewallRuleGroupMetadata]? = nil, nextToken: String? = nil) {
            self.firewallRuleGroups = firewallRuleGroups
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroups = "FirewallRuleGroups"
            case nextToken = "NextToken"
        }
    }

    public struct ListFirewallRulesRequest: AWSEncodableShape {
        /// Optional additional filter for the rules to retrieve. The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advanced rule:    ALLOW - Permit the request to go through. Not availabe for DNS Firewall Advanced rules.    ALERT - Permit the request to go through but send an alert to the logs.    BLOCK - Disallow the request. If this is specified, additional handling details are provided in the rule's BlockResponse setting.
        public let action: Action?
        /// The unique identifier of the firewall rule group that you want to retrieve the rules for.
        public let firewallRuleGroupId: String
        /// The maximum number of objects that you want Resolver to return for this request. If more objects are available, in the response, Resolver provides a NextToken value that you can use in a subsequent call to get the next batch of objects. If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
        public let maxResults: Int?
        /// For the first call to this list request, omit this value. When you request a list of objects, Resolver returns at most the number of objects  specified in MaxResults. If more objects are available for retrieval, Resolver returns a NextToken value in the response. To retrieve the next  batch of objects, use the token that was returned for the prior request in your next request.
        public let nextToken: String?
        /// Optional additional filter for the rules to retrieve. The setting that determines the processing order of the rules in a rule group. DNS Firewall  processes the rules in a rule group by order of priority, starting from the lowest setting.
        public let priority: Int?

        @inlinable
        public init(action: Action? = nil, firewallRuleGroupId: String, maxResults: Int? = nil, nextToken: String? = nil, priority: Int? = nil) {
            self.action = action
            self.firewallRuleGroupId = firewallRuleGroupId
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.priority = priority
        }

        public func validate(name: String) throws {
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, max: 64)
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, min: 1)
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case action = "Action"
            case firewallRuleGroupId = "FirewallRuleGroupId"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case priority = "Priority"
        }
    }

    public struct ListFirewallRulesResponse: AWSDecodableShape {
        /// A list of the rules that you have defined.   This might be a partial list of the firewall rules that you've defined. For information,
        /// 			see MaxResults.
        public let firewallRules: [FirewallRule]?
        /// If objects are still available for retrieval, Resolver returns this token in the response.  To retrieve the next batch of objects, provide this token in your next request.
        public let nextToken: String?

        @inlinable
        public init(firewallRules: [FirewallRule]? = nil, nextToken: String? = nil) {
            self.firewallRules = firewallRules
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRules = "FirewallRules"
            case nextToken = "NextToken"
        }
    }

    public struct ListOutpostResolversRequest: AWSEncodableShape {
        /// The maximum number of Resolvers on the Outpost that you want to return in the response to a
        /// 				ListOutpostResolver request. If you don't specify a value for
        /// 				MaxResults, the request returns up to 100 Resolvers.
        public let maxResults: Int?
        /// For the first ListOutpostResolver request, omit this value.
        public let nextToken: String?
        /// The Amazon Resource Name (ARN) of the Outpost.
        public let outpostArn: String?

        @inlinable
        public init(maxResults: Int? = nil, nextToken: String? = nil, outpostArn: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.outpostArn = outpostArn
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.outpostArn, name: "outpostArn", parent: name, max: 255)
            try self.validate(self.outpostArn, name: "outpostArn", parent: name, min: 1)
            try self.validate(self.outpostArn, name: "outpostArn", parent: name, pattern: "^arn:aws([a-z-]+)?:outposts:[a-z\\d-]+:\\d{12}:outpost/op-[a-f0-9]{17}$")
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case outpostArn = "OutpostArn"
        }
    }

    public struct ListOutpostResolversResponse: AWSDecodableShape {
        /// If more than MaxResults Resolvers match the specified criteria, you can submit another
        /// 		ListOutpostResolver request to get the next group of results. In the next request, specify the value of NextToken from the previous response.
        public let nextToken: String?
        /// The Resolvers on Outposts that were created by using the current Amazon Web Services account,
        /// 		and that match the specified filters, if any.
        public let outpostResolvers: [OutpostResolver]?

        @inlinable
        public init(nextToken: String? = nil, outpostResolvers: [OutpostResolver]? = nil) {
            self.nextToken = nextToken
            self.outpostResolvers = outpostResolvers
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case outpostResolvers = "OutpostResolvers"
        }
    }

    public struct ListResolverConfigsRequest: AWSEncodableShape {
        /// The maximum number of Resolver configurations that you want to return in the response to
        /// 			a ListResolverConfigs request. If you don't specify a value for MaxResults,
        /// 			up to 100 Resolver configurations are returned.
        public let maxResults: Int?
        /// (Optional) If the current Amazon Web Services account has more than MaxResults Resolver configurations, use
        /// 			NextToken to get the second and subsequent pages of results. For the first ListResolverConfigs request, omit this value. For the second and subsequent requests, get the value of NextToken from the previous response and
        /// 			specify that value for NextToken in the request.
        public let nextToken: String?

        @inlinable
        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 5)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListResolverConfigsResponse: AWSDecodableShape {
        /// If a response includes the last of the Resolver configurations that are associated with the current Amazon Web Services account,
        /// 			NextToken doesn't appear in the response. If a response doesn't include the last of the configurations, you can get more configurations by submitting another
        /// 			ListResolverConfigs request.
        /// 			Get the value of NextToken that Amazon Route 53 returned in the previous response and include it in
        /// 			NextToken in the next request.
        public let nextToken: String?
        /// An array that contains one ResolverConfigs element for each Resolver configuration that is associated
        /// 			with the current Amazon Web Services account.
        public let resolverConfigs: [ResolverConfig]?

        @inlinable
        public init(nextToken: String? = nil, resolverConfigs: [ResolverConfig]? = nil) {
            self.nextToken = nextToken
            self.resolverConfigs = resolverConfigs
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case resolverConfigs = "ResolverConfigs"
        }
    }

    public struct ListResolverDnssecConfigsRequest: AWSEncodableShape {
        /// An optional specification to return a subset of objects.
        public let filters: [Filter]?
        ///  Optional: An integer that specifies the maximum number of DNSSEC configuration results that you want Amazon Route 53 to return.
        /// 			If you don't specify a value for MaxResults, Route 53 returns up to 100 configuration per page.
        public let maxResults: Int?
        /// (Optional) If the current Amazon Web Services account has more than MaxResults DNSSEC configurations, use NextToken
        /// 			to get the second and subsequent pages of results. For the first ListResolverDnssecConfigs request, omit this value. For the second and subsequent requests, get the value of NextToken from the previous response and specify that value
        /// 			for NextToken in the request.
        public let nextToken: String?

        @inlinable
        public init(filters: [Filter]? = nil, maxResults: Int? = nil, nextToken: String? = nil) {
            self.filters = filters
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.filters?.forEach {
                try $0.validate(name: "\(name).filters[]")
            }
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case filters = "Filters"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListResolverDnssecConfigsResponse: AWSDecodableShape {
        /// If a response includes the last of the DNSSEC configurations that are associated with the current Amazon Web Services account,
        /// 			NextToken doesn't appear in the response. If a response doesn't include the last of the configurations, you can get more configurations by submitting another
        /// 			ListResolverDnssecConfigs
        /// 			request. Get the value of NextToken that Amazon Route 53 returned in the previous response and include it in
        /// 			NextToken in the next request.
        public let nextToken: String?
        /// An array that contains one
        /// 			ResolverDnssecConfig element
        /// 			for each configuration for DNSSEC validation that is associated with the current Amazon Web Services account.
        /// 			 It doesn't contain disabled DNSSEC configurations for the resource.
        public let resolverDnssecConfigs: [ResolverDnssecConfig]?

        @inlinable
        public init(nextToken: String? = nil, resolverDnssecConfigs: [ResolverDnssecConfig]? = nil) {
            self.nextToken = nextToken
            self.resolverDnssecConfigs = resolverDnssecConfigs
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case resolverDnssecConfigs = "ResolverDnssecConfigs"
        }
    }

    public struct ListResolverEndpointIpAddressesRequest: AWSEncodableShape {
        /// The maximum number of IP addresses that you want to return in the response to a ListResolverEndpointIpAddresses request.
        /// 			If you don't specify a value for MaxResults, Resolver returns up to 100 IP addresses.
        public let maxResults: Int?
        /// For the first ListResolverEndpointIpAddresses request, omit this value. If the specified Resolver endpoint has more than MaxResults IP addresses, you can submit another
        /// 			ListResolverEndpointIpAddresses request to get the next group of IP addresses. In the next request, specify the value of
        /// 			NextToken from the previous response.
        public let nextToken: String?
        /// The ID of the Resolver endpoint that you want to get IP addresses for.
        public let resolverEndpointId: String

        @inlinable
        public init(maxResults: Int? = nil, nextToken: String? = nil, resolverEndpointId: String) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.resolverEndpointId = resolverEndpointId
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, max: 64)
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case resolverEndpointId = "ResolverEndpointId"
        }
    }

    public struct ListResolverEndpointIpAddressesResponse: AWSDecodableShape {
        /// Information about the IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward
        /// 			DNS queries to (for inbound endpoints).
        public let ipAddresses: [IpAddressResponse]?
        /// The value that you specified for MaxResults in the request.
        public let maxResults: Int?
        /// If the specified endpoint has more than MaxResults IP addresses, you can submit another
        /// 			ListResolverEndpointIpAddresses request to get the next group of IP addresses. In the next request,
        /// 			specify the value of NextToken from the previous response.
        public let nextToken: String?

        @inlinable
        public init(ipAddresses: [IpAddressResponse]? = nil, maxResults: Int? = nil, nextToken: String? = nil) {
            self.ipAddresses = ipAddresses
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case ipAddresses = "IpAddresses"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListResolverEndpointsRequest: AWSEncodableShape {
        /// An optional specification to return a subset of Resolver endpoints, such as all inbound Resolver endpoints.  If you submit a second or subsequent ListResolverEndpoints request and specify the NextToken parameter,
        /// 			you must use the same values for Filters, if any, as in the previous request.
        public let filters: [Filter]?
        /// The maximum number of Resolver endpoints that you want to return in the response to a ListResolverEndpoints request.
        /// 			If you don't specify a value for MaxResults, Resolver returns up to 100 Resolver endpoints.
        public let maxResults: Int?
        /// For the first ListResolverEndpoints request, omit this value. If you have more than MaxResults Resolver endpoints, you can submit another ListResolverEndpoints request
        /// 			to get the next group of Resolver endpoints. In the next request, specify the value of NextToken from the previous response.
        public let nextToken: String?

        @inlinable
        public init(filters: [Filter]? = nil, maxResults: Int? = nil, nextToken: String? = nil) {
            self.filters = filters
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.filters?.forEach {
                try $0.validate(name: "\(name).filters[]")
            }
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case filters = "Filters"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListResolverEndpointsResponse: AWSDecodableShape {
        /// The value that you specified for MaxResults in the request.
        public let maxResults: Int?
        /// If more than MaxResults IP addresses match the specified criteria, you can submit another ListResolverEndpoint request
        /// 			to get the next group of results. In the next request, specify the value of NextToken from the previous response.
        public let nextToken: String?
        /// The Resolver endpoints that were created by using the current Amazon Web Services account, and that match the specified filters, if any.
        public let resolverEndpoints: [ResolverEndpoint]?

        @inlinable
        public init(maxResults: Int? = nil, nextToken: String? = nil, resolverEndpoints: [ResolverEndpoint]? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.resolverEndpoints = resolverEndpoints
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case resolverEndpoints = "ResolverEndpoints"
        }
    }

    public struct ListResolverQueryLogConfigAssociationsRequest: AWSEncodableShape {
        /// An optional specification to return a subset of query logging associations.  If you submit a second or subsequent ListResolverQueryLogConfigAssociations request and specify the NextToken parameter,
        /// 				you must use the same values for Filters, if any, as in the previous request.
        public let filters: [Filter]?
        /// The maximum number of query logging associations that you want to return in the response to a ListResolverQueryLogConfigAssociations request.
        /// 			If you don't specify a value for MaxResults, Resolver returns up to 100 query logging associations.
        public let maxResults: Int?
        /// For the first ListResolverQueryLogConfigAssociations request, omit this value. If there are more than MaxResults query logging associations that match the values that you specify for Filters,
        /// 			you can submit another ListResolverQueryLogConfigAssociations request to get the next group of associations. In the next request, specify the value of
        /// 			NextToken from the previous response.
        public let nextToken: String?
        /// The element that you want Resolver to sort query logging associations by.   If you submit a second or subsequent ListResolverQueryLogConfigAssociations request and specify the NextToken parameter,
        /// 				you must use the same value for SortBy, if any, as in the previous request.  Valid values include the following elements:    CreationTime: The ID of the query logging association.    Error: If the value of Status is FAILED, the value of Error
        /// 				indicates the cause:     DESTINATION_NOT_FOUND: The specified destination (for example, an Amazon S3 bucket) was deleted.    ACCESS_DENIED: Permissions don't allow sending logs to the destination.   If Status is a value other than FAILED, ERROR is null.    Id: The ID of the query logging association    ResolverQueryLogConfigId: The ID of the query logging configuration    ResourceId: The ID of the VPC that is associated with the query logging configuration    Status: The current status of the configuration. Valid values include the following:    CREATING: Resolver is creating an association between an Amazon VPC and a query logging configuration.    CREATED: The association between an Amazon VPC and a query logging configuration
        /// 						was successfully created. Resolver is logging queries that originate in the specified VPC.    DELETING: Resolver is deleting this query logging association.    FAILED: Resolver either couldn't create or couldn't delete the query logging association.
        /// 						Here are two common causes:   The specified destination (for example, an Amazon S3 bucket) was deleted.   Permissions don't allow sending logs to the destination.
        public let sortBy: String?
        /// If you specified a value for SortBy, the order that you want query logging associations to be listed in,
        /// 			ASCENDING or DESCENDING.  If you submit a second or subsequent ListResolverQueryLogConfigAssociations request and specify the NextToken parameter,
        /// 				you must use the same value for SortOrder, if any, as in the previous request.
        public let sortOrder: SortOrder?

        @inlinable
        public init(filters: [Filter]? = nil, maxResults: Int? = nil, nextToken: String? = nil, sortBy: String? = nil, sortOrder: SortOrder? = nil) {
            self.filters = filters
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.sortBy = sortBy
            self.sortOrder = sortOrder
        }

        public func validate(name: String) throws {
            try self.filters?.forEach {
                try $0.validate(name: "\(name).filters[]")
            }
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.sortBy, name: "sortBy", parent: name, max: 64)
            try self.validate(self.sortBy, name: "sortBy", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case filters = "Filters"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case sortBy = "SortBy"
            case sortOrder = "SortOrder"
        }
    }

    public struct ListResolverQueryLogConfigAssociationsResponse: AWSDecodableShape {
        /// If there are more than MaxResults query logging associations, you can submit another ListResolverQueryLogConfigAssociations request
        /// 			to get the next group of associations. In the next request, specify the value of NextToken from the previous response.
        public let nextToken: String?
        /// A list that contains one ResolverQueryLogConfigAssociations element for each query logging association that matches the
        /// 			values that you specified for Filter.
        public let resolverQueryLogConfigAssociations: [ResolverQueryLogConfigAssociation]?
        /// The total number of query logging associations that were created by the current account in the specified Region. This count can differ from the
        /// 			number of associations that are returned in a ListResolverQueryLogConfigAssociations response, depending on the values that you specify
        /// 			in the request.
        public let totalCount: Int?
        /// The total number of query logging associations that were created by the current account in the specified Region and that match the filters
        /// 			that were specified in the ListResolverQueryLogConfigAssociations request. For the total number of associations that were created by the
        /// 			current account in the specified Region, see TotalCount.
        public let totalFilteredCount: Int?

        @inlinable
        public init(nextToken: String? = nil, resolverQueryLogConfigAssociations: [ResolverQueryLogConfigAssociation]? = nil, totalCount: Int? = nil, totalFilteredCount: Int? = nil) {
            self.nextToken = nextToken
            self.resolverQueryLogConfigAssociations = resolverQueryLogConfigAssociations
            self.totalCount = totalCount
            self.totalFilteredCount = totalFilteredCount
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case resolverQueryLogConfigAssociations = "ResolverQueryLogConfigAssociations"
            case totalCount = "TotalCount"
            case totalFilteredCount = "TotalFilteredCount"
        }
    }

    public struct ListResolverQueryLogConfigsRequest: AWSEncodableShape {
        /// An optional specification to return a subset of query logging configurations.  If you submit a second or subsequent ListResolverQueryLogConfigs request and specify the NextToken parameter,
        /// 				you must use the same values for Filters, if any, as in the previous request.
        public let filters: [Filter]?
        /// The maximum number of query logging configurations that you want to return in the response to a ListResolverQueryLogConfigs request.
        /// 			If you don't specify a value for MaxResults, Resolver returns up to 100 query logging configurations.
        public let maxResults: Int?
        /// For the first ListResolverQueryLogConfigs request, omit this value. If there are more than MaxResults query logging configurations that match the values that you specify for Filters,
        /// 			you can submit another ListResolverQueryLogConfigs request to get the next group of configurations. In the next request, specify the value of
        /// 			NextToken from the previous response.
        public let nextToken: String?
        /// The element that you want Resolver to sort query logging configurations by.   If you submit a second or subsequent ListResolverQueryLogConfigs request and specify the NextToken parameter,
        /// 				you must use the same value for SortBy, if any, as in the previous request.  Valid values include the following elements:    Arn: The ARN of the query logging configuration    AssociationCount: The number of VPCs that are associated with the specified configuration     CreationTime: The date and time that Resolver returned when the configuration was created    CreatorRequestId: The value that was specified for CreatorRequestId when the configuration was created    DestinationArn: The location that logs are sent to    Id: The ID of the configuration    Name: The name of the configuration    OwnerId: The Amazon Web Services account number of the account that created the configuration    ShareStatus: Whether the configuration is shared with other Amazon Web Services accounts or shared with the current account by
        /// 				another Amazon Web Services account. Sharing is configured through Resource Access Manager (RAM).    Status: The current status of the configuration. Valid values include the following:    CREATING: Resolver is creating the query logging configuration.    CREATED: The query logging configuration was successfully created.
        /// 						Resolver is logging queries that originate in the specified VPC.    DELETING: Resolver is deleting this query logging configuration.    FAILED: Resolver either couldn't create or couldn't delete the query logging configuration.
        /// 						Here are two common causes:   The specified destination (for example, an Amazon S3 bucket) was deleted.   Permissions don't allow sending logs to the destination.
        public let sortBy: String?
        /// If you specified a value for SortBy, the order that you want query logging configurations to be listed in,
        /// 			ASCENDING or DESCENDING.  If you submit a second or subsequent ListResolverQueryLogConfigs request and specify the NextToken parameter,
        /// 				you must use the same value for SortOrder, if any, as in the previous request.
        public let sortOrder: SortOrder?

        @inlinable
        public init(filters: [Filter]? = nil, maxResults: Int? = nil, nextToken: String? = nil, sortBy: String? = nil, sortOrder: SortOrder? = nil) {
            self.filters = filters
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.sortBy = sortBy
            self.sortOrder = sortOrder
        }

        public func validate(name: String) throws {
            try self.filters?.forEach {
                try $0.validate(name: "\(name).filters[]")
            }
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.sortBy, name: "sortBy", parent: name, max: 64)
            try self.validate(self.sortBy, name: "sortBy", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case filters = "Filters"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case sortBy = "SortBy"
            case sortOrder = "SortOrder"
        }
    }

    public struct ListResolverQueryLogConfigsResponse: AWSDecodableShape {
        /// If there are more than MaxResults query logging configurations, you can submit another ListResolverQueryLogConfigs request
        /// 			to get the next group of configurations. In the next request, specify the value of NextToken from the previous response.
        public let nextToken: String?
        /// A list that contains one ResolverQueryLogConfig element for each query logging configuration that matches the
        /// 			values that you specified for Filter.
        public let resolverQueryLogConfigs: [ResolverQueryLogConfig]?
        /// The total number of query logging configurations that were created by the current account in the specified Region. This count can differ from the
        /// 			number of query logging configurations that are returned in a ListResolverQueryLogConfigs response, depending on the values that you specify
        /// 			in the request.
        public let totalCount: Int?
        /// The total number of query logging configurations that were created by the current account in the specified Region and that match the filters
        /// 			that were specified in the ListResolverQueryLogConfigs request. For the total number of query logging configurations that were created by the
        /// 			current account in the specified Region, see TotalCount.
        public let totalFilteredCount: Int?

        @inlinable
        public init(nextToken: String? = nil, resolverQueryLogConfigs: [ResolverQueryLogConfig]? = nil, totalCount: Int? = nil, totalFilteredCount: Int? = nil) {
            self.nextToken = nextToken
            self.resolverQueryLogConfigs = resolverQueryLogConfigs
            self.totalCount = totalCount
            self.totalFilteredCount = totalFilteredCount
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case resolverQueryLogConfigs = "ResolverQueryLogConfigs"
            case totalCount = "TotalCount"
            case totalFilteredCount = "TotalFilteredCount"
        }
    }

    public struct ListResolverRuleAssociationsRequest: AWSEncodableShape {
        /// An optional specification to return a subset of Resolver rules, such as Resolver rules that are associated with the same VPC ID.  If you submit a second or subsequent ListResolverRuleAssociations request and specify the NextToken parameter,
        /// 			you must use the same values for Filters, if any, as in the previous request.
        public let filters: [Filter]?
        /// The maximum number of rule associations that you want to return in the response to a ListResolverRuleAssociations request.
        /// 			If you don't specify a value for MaxResults, Resolver returns up to 100 rule associations.
        public let maxResults: Int?
        /// For the first ListResolverRuleAssociation request, omit this value. If you have more than MaxResults rule associations, you can submit another ListResolverRuleAssociation request
        /// 			to get the next group of rule associations. In the next request, specify the value of NextToken from the previous response.
        public let nextToken: String?

        @inlinable
        public init(filters: [Filter]? = nil, maxResults: Int? = nil, nextToken: String? = nil) {
            self.filters = filters
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.filters?.forEach {
                try $0.validate(name: "\(name).filters[]")
            }
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case filters = "Filters"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListResolverRuleAssociationsResponse: AWSDecodableShape {
        /// The value that you specified for MaxResults in the request.
        public let maxResults: Int?
        /// If more than MaxResults rule associations match the specified criteria, you can submit another
        /// 			ListResolverRuleAssociation request to get the next group of results. In the next request, specify the value of
        /// 			NextToken from the previous response.
        public let nextToken: String?
        /// The associations that were created between Resolver rules and VPCs using the current Amazon Web Services account, and that match the
        /// 			specified filters, if any.
        public let resolverRuleAssociations: [ResolverRuleAssociation]?

        @inlinable
        public init(maxResults: Int? = nil, nextToken: String? = nil, resolverRuleAssociations: [ResolverRuleAssociation]? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.resolverRuleAssociations = resolverRuleAssociations
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case resolverRuleAssociations = "ResolverRuleAssociations"
        }
    }

    public struct ListResolverRulesRequest: AWSEncodableShape {
        /// An optional specification to return a subset of Resolver rules, such as all Resolver rules that are associated with the same Resolver endpoint.  If you submit a second or subsequent ListResolverRules request and specify the NextToken parameter,
        /// 			you must use the same values for Filters, if any, as in the previous request.
        public let filters: [Filter]?
        /// The maximum number of Resolver rules that you want to return in the response to a ListResolverRules request.
        /// 			If you don't specify a value for MaxResults, Resolver returns up to 100 Resolver rules.
        public let maxResults: Int?
        /// For the first ListResolverRules request, omit this value. If you have more than MaxResults Resolver rules, you can submit another ListResolverRules request
        /// 			to get the next group of Resolver rules. In the next request, specify the value of NextToken from the previous response.
        public let nextToken: String?

        @inlinable
        public init(filters: [Filter]? = nil, maxResults: Int? = nil, nextToken: String? = nil) {
            self.filters = filters
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.filters?.forEach {
                try $0.validate(name: "\(name).filters[]")
            }
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case filters = "Filters"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListResolverRulesResponse: AWSDecodableShape {
        /// The value that you specified for MaxResults in the request.
        public let maxResults: Int?
        /// If more than MaxResults Resolver rules match the specified criteria, you can submit another
        /// 			ListResolverRules request to get the next group of results. In the next request, specify the value of
        /// 			NextToken from the previous response.
        public let nextToken: String?
        /// The Resolver rules that were created using the current Amazon Web Services account and that match the specified filters, if any.
        public let resolverRules: [ResolverRule]?

        @inlinable
        public init(maxResults: Int? = nil, nextToken: String? = nil, resolverRules: [ResolverRule]? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.resolverRules = resolverRules
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case resolverRules = "ResolverRules"
        }
    }

    public struct ListTagsForResourceRequest: AWSEncodableShape {
        /// The maximum number of tags that you want to return in the response to a ListTagsForResource request.
        /// 			If you don't specify a value for MaxResults, Resolver returns up to 100 tags.
        public let maxResults: Int?
        /// For the first ListTagsForResource request, omit this value. If you have more than MaxResults tags, you can submit another ListTagsForResource request
        /// 			to get the next group of tags for the resource. In the next request, specify the value of NextToken from the previous response.
        public let nextToken: String?
        /// The Amazon Resource Name (ARN) for the resource that you want to list tags for.
        public let resourceArn: String

        @inlinable
        public init(maxResults: Int? = nil, nextToken: String? = nil, resourceArn: String) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.resourceArn = resourceArn
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, max: 255)
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case resourceArn = "ResourceArn"
        }
    }

    public struct ListTagsForResourceResponse: AWSDecodableShape {
        /// If more than MaxResults tags match the specified criteria, you can submit another
        /// 			ListTagsForResource request to get the next group of results. In the next request, specify the value of
        /// 			NextToken from the previous response.
        public let nextToken: String?
        /// The tags that are associated with the resource that you specified in the ListTagsForResource request.
        public let tags: [Tag]?

        @inlinable
        public init(nextToken: String? = nil, tags: [Tag]? = nil) {
            self.nextToken = nextToken
            self.tags = tags
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case tags = "Tags"
        }
    }

    public struct OutpostResolver: AWSDecodableShape {
        /// The ARN (Amazon Resource Name) for the Resolver on an Outpost.
        public let arn: String?
        /// The date and time that the Outpost Resolver was created, in Unix time format and Coordinated Universal Time (UTC).
        public let creationTime: String?
        /// A unique string that identifies the request that created the Resolver endpoint.
        /// 		The CreatorRequestId allows failed requests to be retried without the risk of running the operation twice.
        public let creatorRequestId: String?
        /// The ID of the Resolver on Outpost.
        public let id: String?
        /// Amazon EC2 instance count for the Resolver on the Outpost.
        public let instanceCount: Int?
        /// The date and time that the Outpost Resolver was modified, in Unix time format and Coordinated Universal Time (UTC).
        public let modificationTime: String?
        /// Name of the Resolver.
        public let name: String?
        /// The ARN (Amazon Resource Name) for the Outpost.
        public let outpostArn: String?
        /// 			The Amazon EC2 instance type.
        ///
        public let preferredInstanceType: String?
        /// Status of the Resolver.
        public let status: OutpostResolverStatus?
        /// A detailed description of the Resolver.
        public let statusMessage: String?

        @inlinable
        public init(arn: String? = nil, creationTime: String? = nil, creatorRequestId: String? = nil, id: String? = nil, instanceCount: Int? = nil, modificationTime: String? = nil, name: String? = nil, outpostArn: String? = nil, preferredInstanceType: String? = nil, status: OutpostResolverStatus? = nil, statusMessage: String? = nil) {
            self.arn = arn
            self.creationTime = creationTime
            self.creatorRequestId = creatorRequestId
            self.id = id
            self.instanceCount = instanceCount
            self.modificationTime = modificationTime
            self.name = name
            self.outpostArn = outpostArn
            self.preferredInstanceType = preferredInstanceType
            self.status = status
            self.statusMessage = statusMessage
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case creationTime = "CreationTime"
            case creatorRequestId = "CreatorRequestId"
            case id = "Id"
            case instanceCount = "InstanceCount"
            case modificationTime = "ModificationTime"
            case name = "Name"
            case outpostArn = "OutpostArn"
            case preferredInstanceType = "PreferredInstanceType"
            case status = "Status"
            case statusMessage = "StatusMessage"
        }
    }

    public struct PutFirewallRuleGroupPolicyRequest: AWSEncodableShape {
        /// The ARN (Amazon Resource Name) for the rule group that you want to share.
        public let arn: String
        /// The Identity and Access Management (Amazon Web Services IAM) policy to attach to the rule group.
        public let firewallRuleGroupPolicy: String

        @inlinable
        public init(arn: String, firewallRuleGroupPolicy: String) {
            self.arn = arn
            self.firewallRuleGroupPolicy = firewallRuleGroupPolicy
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, max: 255)
            try self.validate(self.arn, name: "arn", parent: name, min: 1)
            try self.validate(self.firewallRuleGroupPolicy, name: "firewallRuleGroupPolicy", parent: name, max: 30000)
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case firewallRuleGroupPolicy = "FirewallRuleGroupPolicy"
        }
    }

    public struct PutFirewallRuleGroupPolicyResponse: AWSDecodableShape {
        public let returnValue: Bool?

        @inlinable
        public init(returnValue: Bool? = nil) {
            self.returnValue = returnValue
        }

        private enum CodingKeys: String, CodingKey {
            case returnValue = "ReturnValue"
        }
    }

    public struct PutResolverQueryLogConfigPolicyRequest: AWSEncodableShape {
        /// The Amazon Resource Name (ARN) of the account that you want to share rules with.
        public let arn: String
        /// An Identity and Access Management policy statement that lists the query logging configurations that you want to share with another Amazon Web Services account
        /// 			and the operations that you want the account to be able to perform. You can specify the following operations in the Actions section
        /// 			of the statement:    route53resolver:AssociateResolverQueryLogConfig     route53resolver:DisassociateResolverQueryLogConfig     route53resolver:ListResolverQueryLogConfigs    In the Resource section of the statement, you specify the ARNs for the query logging configurations that you want to share
        /// 			with the account that you specified in Arn.
        public let resolverQueryLogConfigPolicy: String

        @inlinable
        public init(arn: String, resolverQueryLogConfigPolicy: String) {
            self.arn = arn
            self.resolverQueryLogConfigPolicy = resolverQueryLogConfigPolicy
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, max: 255)
            try self.validate(self.arn, name: "arn", parent: name, min: 1)
            try self.validate(self.resolverQueryLogConfigPolicy, name: "resolverQueryLogConfigPolicy", parent: name, max: 30000)
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case resolverQueryLogConfigPolicy = "ResolverQueryLogConfigPolicy"
        }
    }

    public struct PutResolverQueryLogConfigPolicyResponse: AWSDecodableShape {
        /// Whether the PutResolverQueryLogConfigPolicy request was successful.
        public let returnValue: Bool?

        @inlinable
        public init(returnValue: Bool? = nil) {
            self.returnValue = returnValue
        }

        private enum CodingKeys: String, CodingKey {
            case returnValue = "ReturnValue"
        }
    }

    public struct PutResolverRulePolicyRequest: AWSEncodableShape {
        /// The Amazon Resource Name (ARN) of the rule that you want to share with another account.
        public let arn: String
        /// An Identity and Access Management policy statement that lists the rules that you want to share with another Amazon Web Services account and the operations that you want the account
        /// 			to be able to perform. You can specify the following operations in the Action section of the statement:    route53resolver:GetResolverRule     route53resolver:AssociateResolverRule     route53resolver:DisassociateResolverRule     route53resolver:ListResolverRules     route53resolver:ListResolverRuleAssociations    In the Resource section of the statement, specify the ARN for the rule that you want to share with another account. Specify the same ARN
        /// 			that you specified in Arn.
        public let resolverRulePolicy: String

        @inlinable
        public init(arn: String, resolverRulePolicy: String) {
            self.arn = arn
            self.resolverRulePolicy = resolverRulePolicy
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, max: 255)
            try self.validate(self.arn, name: "arn", parent: name, min: 1)
            try self.validate(self.resolverRulePolicy, name: "resolverRulePolicy", parent: name, max: 30000)
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case resolverRulePolicy = "ResolverRulePolicy"
        }
    }

    public struct PutResolverRulePolicyResponse: AWSDecodableShape {
        /// Whether the PutResolverRulePolicy request was successful.
        public let returnValue: Bool?

        @inlinable
        public init(returnValue: Bool? = nil) {
            self.returnValue = returnValue
        }

        private enum CodingKeys: String, CodingKey {
            case returnValue = "ReturnValue"
        }
    }

    public struct ResolverConfig: AWSDecodableShape {
        ///  The status of whether or not the Resolver will create autodefined rules for reverse DNS
        /// 			lookups. This is enabled by default. The status can be one of following:    ENABLING: Autodefined rules for reverse DNS lookups are being
        /// 					enabled but are not complete.    ENABLED: Autodefined rules for reverse DNS lookups are
        /// 					enabled.    DISABLING: Autodefined rules for reverse DNS lookups are
        /// 					being disabled but are not complete.    DISABLED: Autodefined rules for reverse DNS lookups are
        /// 					disabled.
        public let autodefinedReverse: ResolverAutodefinedReverseStatus?
        /// ID for the Resolver configuration.
        public let id: String?
        /// The owner account ID of the Amazon Virtual Private Cloud VPC.
        public let ownerId: String?
        /// The ID of the Amazon Virtual Private Cloud VPC or a Route 53 Profile that you're configuring Resolver for.
        public let resourceId: String?

        @inlinable
        public init(autodefinedReverse: ResolverAutodefinedReverseStatus? = nil, id: String? = nil, ownerId: String? = nil, resourceId: String? = nil) {
            self.autodefinedReverse = autodefinedReverse
            self.id = id
            self.ownerId = ownerId
            self.resourceId = resourceId
        }

        private enum CodingKeys: String, CodingKey {
            case autodefinedReverse = "AutodefinedReverse"
            case id = "Id"
            case ownerId = "OwnerId"
            case resourceId = "ResourceId"
        }
    }

    public struct ResolverDnssecConfig: AWSDecodableShape {
        /// The ID for a configuration for DNSSEC validation.
        public let id: String?
        /// The owner account ID of the virtual private cloud (VPC) for a configuration for DNSSEC validation.
        public let ownerId: String?
        /// The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for.
        public let resourceId: String?
        /// The validation status for a DNSSEC configuration. The status can be one of the following:    ENABLING: DNSSEC validation is being enabled but is not complete.    ENABLED: DNSSEC validation is enabled.    DISABLING: DNSSEC validation is being disabled but is not complete.    DISABLED DNSSEC validation is disabled.
        public let validationStatus: ResolverDNSSECValidationStatus?

        @inlinable
        public init(id: String? = nil, ownerId: String? = nil, resourceId: String? = nil, validationStatus: ResolverDNSSECValidationStatus? = nil) {
            self.id = id
            self.ownerId = ownerId
            self.resourceId = resourceId
            self.validationStatus = validationStatus
        }

        private enum CodingKeys: String, CodingKey {
            case id = "Id"
            case ownerId = "OwnerId"
            case resourceId = "ResourceId"
            case validationStatus = "ValidationStatus"
        }
    }

    public struct ResolverEndpoint: AWSDecodableShape {
        /// The ARN (Amazon Resource Name) for the Resolver endpoint.
        public let arn: String?
        /// The date and time that the endpoint was created, in Unix time format and Coordinated Universal Time (UTC).
        public let creationTime: String?
        /// A unique string that identifies the request that created the Resolver endpoint. The
        /// 				CreatorRequestId allows failed requests to be retried without the risk
        /// 			of running the operation twice.
        public let creatorRequestId: String?
        /// Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:    INBOUND: allows DNS queries to your VPC from your network    OUTBOUND: allows DNS queries from your VPC to your network    INBOUND_DELEGATION: Resolver delegates queries to Route 53 private hosted zones from your network.
        public let direction: ResolverEndpointDirection?
        /// The ID of the VPC that you want to create the Resolver endpoint in.
        public let hostVPCId: String?
        /// The ID of the Resolver endpoint.
        public let id: String?
        /// The number of IP addresses that the Resolver endpoint can use for DNS queries.
        public let ipAddressCount: Int?
        /// The date and time that the endpoint was last modified, in Unix time format and Coordinated Universal Time (UTC).
        public let modificationTime: String?
        /// The name that you assigned to the Resolver endpoint when you submitted a
        /// 			CreateResolverEndpoint
        /// 			request.
        public let name: String?
        /// The ARN (Amazon Resource Name) for the Outpost.
        public let outpostArn: String?
        /// 			The Amazon EC2 instance type.
        ///
        public let preferredInstanceType: String?
        /// 			Protocols used for the endpoint. DoH-FIPS is applicable for a default inbound endpoints only.
        /// 		 For an inbound endpoint you can apply the protocols as follows:   Do53  and DoH in combination.   Do53  and DoH-FIPS in combination.   Do53 alone.   DoH alone.   DoH-FIPS alone.   None, which is treated as Do53.   For a delegation inbound endpoint you can use Do53 only. For an outbound endpoint you can apply the protocols as follows:   Do53  and DoH in combination.   Do53 alone.   DoH alone.   None, which is treated as Do53.
        public let protocols: [`Protocol`]?
        /// 			The Resolver endpoint IP address type.
        ///
        public let resolverEndpointType: ResolverEndpointType?
        /// The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules
        /// 			(for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access.
        /// 			For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.
        public let securityGroupIds: [String]?
        /// A code that specifies the current status of the Resolver endpoint. Valid values include the following:    CREATING: Resolver is creating and configuring one or more Amazon VPC network interfaces
        /// 				for this endpoint.    OPERATIONAL: The Amazon VPC network interfaces for this endpoint are correctly configured and
        /// 				able to pass inbound or outbound DNS queries between your network and Resolver.    UPDATING: Resolver is associating or disassociating one or more network interfaces
        /// 				with this endpoint.    AUTO_RECOVERING: Resolver is trying to recover one or more of the network interfaces
        /// 				that are associated with this endpoint. During the recovery process, the endpoint functions with limited capacity because of the
        /// 				limit on the number of DNS queries per IP address (per network interface). For the current limit, see
        /// 				Limits on Route 53 Resolver.    ACTION_NEEDED: This endpoint is unhealthy, and Resolver can't automatically recover it.
        /// 				To resolve the problem, we recommend that you check each IP address that you associated with the endpoint. For each IP address
        /// 				that isn't available, add another IP address and then delete the IP address that isn't available. (An endpoint must always include
        /// 				at least two IP addresses.) A status of ACTION_NEEDED can have a variety of causes. Here are two common causes:   One or more of the network interfaces that are associated with the endpoint were deleted using Amazon VPC.   The network interface couldn't be created for some reason that's outside the control of Resolver.      DELETING: Resolver is deleting this endpoint and the associated network interfaces.
        public let status: ResolverEndpointStatus?
        /// A detailed description of the status of the Resolver endpoint.
        public let statusMessage: String?

        @inlinable
        public init(arn: String? = nil, creationTime: String? = nil, creatorRequestId: String? = nil, direction: ResolverEndpointDirection? = nil, hostVPCId: String? = nil, id: String? = nil, ipAddressCount: Int? = nil, modificationTime: String? = nil, name: String? = nil, outpostArn: String? = nil, preferredInstanceType: String? = nil, protocols: [`Protocol`]? = nil, resolverEndpointType: ResolverEndpointType? = nil, securityGroupIds: [String]? = nil, status: ResolverEndpointStatus? = nil, statusMessage: String? = nil) {
            self.arn = arn
            self.creationTime = creationTime
            self.creatorRequestId = creatorRequestId
            self.direction = direction
            self.hostVPCId = hostVPCId
            self.id = id
            self.ipAddressCount = ipAddressCount
            self.modificationTime = modificationTime
            self.name = name
            self.outpostArn = outpostArn
            self.preferredInstanceType = preferredInstanceType
            self.protocols = protocols
            self.resolverEndpointType = resolverEndpointType
            self.securityGroupIds = securityGroupIds
            self.status = status
            self.statusMessage = statusMessage
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case creationTime = "CreationTime"
            case creatorRequestId = "CreatorRequestId"
            case direction = "Direction"
            case hostVPCId = "HostVPCId"
            case id = "Id"
            case ipAddressCount = "IpAddressCount"
            case modificationTime = "ModificationTime"
            case name = "Name"
            case outpostArn = "OutpostArn"
            case preferredInstanceType = "PreferredInstanceType"
            case protocols = "Protocols"
            case resolverEndpointType = "ResolverEndpointType"
            case securityGroupIds = "SecurityGroupIds"
            case status = "Status"
            case statusMessage = "StatusMessage"
        }
    }

    public struct ResolverQueryLogConfig: AWSDecodableShape {
        /// The ARN for the query logging configuration.
        public let arn: String?
        /// The number of VPCs that are associated with the query logging configuration.
        public let associationCount: Int?
        /// The date and time that the query logging configuration was created, in Unix time format and Coordinated Universal Time (UTC).
        public let creationTime: String?
        /// A unique string that identifies the request that created the query logging configuration.
        /// 			The CreatorRequestId allows failed requests to be retried without the risk
        /// 			of running the operation twice.
        public let creatorRequestId: String?
        /// The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or
        /// 			a Kinesis Data Firehose delivery stream.
        public let destinationArn: String?
        /// The ID for the query logging configuration.
        public let id: String?
        /// The name of the query logging configuration.
        public let name: String?
        /// The Amazon Web Services account ID for the account that created the query logging configuration.
        public let ownerId: String?
        /// An indication of whether the query logging configuration is shared with other Amazon Web Services accounts, or was shared with the current account by another
        /// 			Amazon Web Services account. Sharing is configured through Resource Access Manager (RAM).
        public let shareStatus: ShareStatus?
        /// The status of the specified query logging configuration. Valid values include the following:    CREATING: Resolver is creating the query logging configuration.    CREATED: The query logging configuration was successfully created.
        /// 				Resolver is logging queries that originate in the specified VPC.    DELETING: Resolver is deleting this query logging configuration.    FAILED: Resolver can't deliver logs to the location that is specified in the query logging configuration.
        /// 				Here are two common causes:   The specified destination (for example, an Amazon S3 bucket) was deleted.   Permissions don't allow sending logs to the destination.
        public let status: ResolverQueryLogConfigStatus?

        @inlinable
        public init(arn: String? = nil, associationCount: Int? = nil, creationTime: String? = nil, creatorRequestId: String? = nil, destinationArn: String? = nil, id: String? = nil, name: String? = nil, ownerId: String? = nil, shareStatus: ShareStatus? = nil, status: ResolverQueryLogConfigStatus? = nil) {
            self.arn = arn
            self.associationCount = associationCount
            self.creationTime = creationTime
            self.creatorRequestId = creatorRequestId
            self.destinationArn = destinationArn
            self.id = id
            self.name = name
            self.ownerId = ownerId
            self.shareStatus = shareStatus
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case associationCount = "AssociationCount"
            case creationTime = "CreationTime"
            case creatorRequestId = "CreatorRequestId"
            case destinationArn = "DestinationArn"
            case id = "Id"
            case name = "Name"
            case ownerId = "OwnerId"
            case shareStatus = "ShareStatus"
            case status = "Status"
        }
    }

    public struct ResolverQueryLogConfigAssociation: AWSDecodableShape {
        /// The date and time that the VPC was associated with the query logging configuration, in Unix time format and Coordinated Universal Time (UTC).
        public let creationTime: String?
        /// If the value of Status is FAILED, the value of Error indicates the cause:    DESTINATION_NOT_FOUND: The specified destination (for example, an Amazon S3 bucket) was deleted.    ACCESS_DENIED: Permissions don't allow sending logs to the destination.   If the value of Status is a value other than FAILED, Error is null.
        public let error: ResolverQueryLogConfigAssociationError?
        /// Contains additional information about the error. If the value or Error is null, the value of ErrorMessage also is null.
        public let errorMessage: String?
        /// The ID of the query logging association.
        public let id: String?
        /// The ID of the query logging configuration that a VPC is associated with.
        public let resolverQueryLogConfigId: String?
        /// The ID of the Amazon VPC that is associated with the query logging configuration.
        public let resourceId: String?
        /// The status of the specified query logging association. Valid values include the following:    CREATING: Resolver is creating an association between an Amazon VPC and a query logging configuration.    ACTIVE: The association between an Amazon VPC and a query logging configuration
        /// 				was successfully created. Resolver is logging queries that originate in the specified VPC.    DELETING: Resolver is deleting this query logging association.    FAILED: Resolver either couldn't create or couldn't delete the query logging association.
        public let status: ResolverQueryLogConfigAssociationStatus?

        @inlinable
        public init(creationTime: String? = nil, error: ResolverQueryLogConfigAssociationError? = nil, errorMessage: String? = nil, id: String? = nil, resolverQueryLogConfigId: String? = nil, resourceId: String? = nil, status: ResolverQueryLogConfigAssociationStatus? = nil) {
            self.creationTime = creationTime
            self.error = error
            self.errorMessage = errorMessage
            self.id = id
            self.resolverQueryLogConfigId = resolverQueryLogConfigId
            self.resourceId = resourceId
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case creationTime = "CreationTime"
            case error = "Error"
            case errorMessage = "ErrorMessage"
            case id = "Id"
            case resolverQueryLogConfigId = "ResolverQueryLogConfigId"
            case resourceId = "ResourceId"
            case status = "Status"
        }
    }

    public struct ResolverRule: AWSDecodableShape {
        /// The ARN (Amazon Resource Name) for the Resolver rule specified by Id.
        public let arn: String?
        /// The date and time that the Resolver rule was created, in Unix time format and Coordinated Universal Time (UTC).
        public let creationTime: String?
        /// A unique string that you specified when you created the Resolver rule.
        /// 				CreatorRequestId identifies the request and allows failed requests to
        /// 			be retried without the risk of running the operation twice.
        public let creatorRequestId: String?
        /// 			DNS queries with delegation records that point to this domain name are forwarded to resolvers on your network.
        ///
        public let delegationRecord: String?
        /// DNS queries for this domain name are forwarded to the IP addresses that are specified in TargetIps. If a query matches
        /// 			multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name
        /// 			(www.example.com).
        public let domainName: String?
        /// The ID that Resolver assigned to the Resolver rule when you created it.
        public let id: String?
        /// The date and time that the Resolver rule was last updated, in Unix time format and Coordinated Universal Time (UTC).
        public let modificationTime: String?
        /// The name for the Resolver rule, which you specified when you created the Resolver rule.
        public let name: String?
        /// When a rule is shared with another Amazon Web Services account, the account ID of the account that the rule is shared with.
        public let ownerId: String?
        /// The ID of the endpoint that the rule is associated with.
        public let resolverEndpointId: String?
        /// When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD or DELEGATE.
        /// 			If a query matches multiple Resolver rules (example.com and www.example.com), outbound DNS queries are routed using the Resolver rule that contains
        /// 			the most specific domain name (www.example.com). When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for
        /// 			a subdomain of that domain, specify SYSTEM. For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD
        /// 			for RuleType. To then have Resolver process queries for apex.example.com, you create a rule and specify
        /// 			SYSTEM for RuleType. Currently, only Resolver can create rules that have a value of RECURSIVE for RuleType.
        public let ruleType: RuleTypeOption?
        /// Whether the rule is shared and, if so, whether the current account is sharing the rule with
        /// 			another account, or another account is sharing the rule with the current account.
        public let shareStatus: ShareStatus?
        /// A code that specifies the current status of the Resolver rule.
        public let status: ResolverRuleStatus?
        /// A detailed description of the status of a Resolver rule.
        public let statusMessage: String?
        /// An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically,
        /// 			these are the IP addresses of DNS resolvers on your network.
        public let targetIps: [TargetAddress]?

        @inlinable
        public init(arn: String? = nil, creationTime: String? = nil, creatorRequestId: String? = nil, delegationRecord: String? = nil, domainName: String? = nil, id: String? = nil, modificationTime: String? = nil, name: String? = nil, ownerId: String? = nil, resolverEndpointId: String? = nil, ruleType: RuleTypeOption? = nil, shareStatus: ShareStatus? = nil, status: ResolverRuleStatus? = nil, statusMessage: String? = nil, targetIps: [TargetAddress]? = nil) {
            self.arn = arn
            self.creationTime = creationTime
            self.creatorRequestId = creatorRequestId
            self.delegationRecord = delegationRecord
            self.domainName = domainName
            self.id = id
            self.modificationTime = modificationTime
            self.name = name
            self.ownerId = ownerId
            self.resolverEndpointId = resolverEndpointId
            self.ruleType = ruleType
            self.shareStatus = shareStatus
            self.status = status
            self.statusMessage = statusMessage
            self.targetIps = targetIps
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case creationTime = "CreationTime"
            case creatorRequestId = "CreatorRequestId"
            case delegationRecord = "DelegationRecord"
            case domainName = "DomainName"
            case id = "Id"
            case modificationTime = "ModificationTime"
            case name = "Name"
            case ownerId = "OwnerId"
            case resolverEndpointId = "ResolverEndpointId"
            case ruleType = "RuleType"
            case shareStatus = "ShareStatus"
            case status = "Status"
            case statusMessage = "StatusMessage"
            case targetIps = "TargetIps"
        }
    }

    public struct ResolverRuleAssociation: AWSDecodableShape {
        /// The ID of the association between a Resolver rule and a VPC. Resolver assigns this value when you submit an
        /// 			AssociateResolverRule
        /// 			request.
        public let id: String?
        /// The name of an association between a Resolver rule and a VPC.
        public let name: String?
        /// The ID of the Resolver rule that you associated with the VPC that is specified by VPCId.
        public let resolverRuleId: String?
        /// A code that specifies the current status of the association between a Resolver rule and a VPC.
        public let status: ResolverRuleAssociationStatus?
        /// A detailed description of the status of the association between a Resolver rule and a VPC.
        public let statusMessage: String?
        /// The ID of the VPC that you associated the Resolver rule with.
        public let vpcId: String?

        @inlinable
        public init(id: String? = nil, name: String? = nil, resolverRuleId: String? = nil, status: ResolverRuleAssociationStatus? = nil, statusMessage: String? = nil, vpcId: String? = nil) {
            self.id = id
            self.name = name
            self.resolverRuleId = resolverRuleId
            self.status = status
            self.statusMessage = statusMessage
            self.vpcId = vpcId
        }

        private enum CodingKeys: String, CodingKey {
            case id = "Id"
            case name = "Name"
            case resolverRuleId = "ResolverRuleId"
            case status = "Status"
            case statusMessage = "StatusMessage"
            case vpcId = "VPCId"
        }
    }

    public struct ResolverRuleConfig: AWSEncodableShape {
        /// The new name for the Resolver rule. The name that you specify appears in the Resolver dashboard in the Route 53 console.
        public let name: String?
        /// The ID of the new outbound Resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify in
        /// 			TargetIps.
        public let resolverEndpointId: String?
        /// For DNS queries that originate in your VPC, the new IP addresses that you want to route outbound DNS queries to.
        public let targetIps: [TargetAddress]?

        @inlinable
        public init(name: String? = nil, resolverEndpointId: String? = nil, targetIps: [TargetAddress]? = nil) {
            self.name = name
            self.resolverEndpointId = resolverEndpointId
            self.targetIps = targetIps
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, pattern: "^(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)$")
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, max: 64)
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, min: 1)
            try self.targetIps?.forEach {
                try $0.validate(name: "\(name).targetIps[]")
            }
            try self.validate(self.targetIps, name: "targetIps", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case resolverEndpointId = "ResolverEndpointId"
            case targetIps = "TargetIps"
        }
    }

    public struct ResourceExistsException: AWSErrorShape {
        public let message: String?
        /// For a ResourceExistsException error, the type of resource that the error applies to.
        public let resourceType: String?

        @inlinable
        public init(message: String? = nil, resourceType: String? = nil) {
            self.message = message
            self.resourceType = resourceType
        }

        private enum CodingKeys: String, CodingKey {
            case message = "Message"
            case resourceType = "ResourceType"
        }
    }

    public struct ResourceInUseException: AWSErrorShape {
        public let message: String?
        /// For a ResourceInUseException error, the type of resource that is currently in use.
        public let resourceType: String?

        @inlinable
        public init(message: String? = nil, resourceType: String? = nil) {
            self.message = message
            self.resourceType = resourceType
        }

        private enum CodingKeys: String, CodingKey {
            case message = "Message"
            case resourceType = "ResourceType"
        }
    }

    public struct ResourceNotFoundException: AWSErrorShape {
        public let message: String?
        /// For a ResourceNotFoundException error, the type of resource that doesn't exist.
        public let resourceType: String?

        @inlinable
        public init(message: String? = nil, resourceType: String? = nil) {
            self.message = message
            self.resourceType = resourceType
        }

        private enum CodingKeys: String, CodingKey {
            case message = "Message"
            case resourceType = "ResourceType"
        }
    }

    public struct ResourceUnavailableException: AWSErrorShape {
        public let message: String?
        /// For a ResourceUnavailableException error, the type of resource that isn't available.
        public let resourceType: String?

        @inlinable
        public init(message: String? = nil, resourceType: String? = nil) {
            self.message = message
            self.resourceType = resourceType
        }

        private enum CodingKeys: String, CodingKey {
            case message = "Message"
            case resourceType = "ResourceType"
        }
    }

    public struct Tag: AWSEncodableShape & AWSDecodableShape {
        /// The name for the tag. For example, if you want to associate Resolver resources with the account IDs of your customers for billing purposes,
        /// 			the value of Key might be account-id.
        public let key: String
        /// The value for the tag. For example, if Key is account-id, then Value might be the ID of the
        /// 			customer account that you're creating the resource for.
        public let value: String

        @inlinable
        public init(key: String, value: String) {
            self.key = key
            self.value = value
        }

        public func validate(name: String) throws {
            try self.validate(self.key, name: "key", parent: name, max: 128)
            try self.validate(self.key, name: "key", parent: name, min: 1)
            try self.validate(self.value, name: "value", parent: name, max: 256)
        }

        private enum CodingKeys: String, CodingKey {
            case key = "Key"
            case value = "Value"
        }
    }

    public struct TagResourceRequest: AWSEncodableShape {
        /// The Amazon Resource Name (ARN) for the resource that you want to add tags to. To get the ARN for a resource, use the applicable
        /// 			Get or List command:     GetResolverEndpoint     GetResolverRule     GetResolverRuleAssociation     ListResolverEndpoints     ListResolverRuleAssociations     ListResolverRules
        public let resourceArn: String
        /// The tags that you want to add to the specified resource.
        public let tags: [Tag]

        @inlinable
        public init(resourceArn: String, tags: [Tag]) {
            self.resourceArn = resourceArn
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, max: 255)
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, min: 1)
            try self.tags.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 200)
        }

        private enum CodingKeys: String, CodingKey {
            case resourceArn = "ResourceArn"
            case tags = "Tags"
        }
    }

    public struct TagResourceResponse: AWSDecodableShape {
        public init() {}
    }

    public struct TargetAddress: AWSEncodableShape & AWSDecodableShape {
        /// One IPv4 address that you want to forward DNS queries to.
        public let ip: String?
        /// 			One IPv6 address that you want to forward DNS queries to.
        ///
        public let ipv6: String?
        /// The port at Ip that you want to forward DNS queries to.
        public let port: Int?
        /// 			The protocols for the target address. The protocol you choose needs to be supported by the outbound endpoint of the Resolver rule.
        public let `protocol`: `Protocol`?
        /// 			The Server Name Indication of the DoH server that you want to forward queries to.
        /// 			This is only used if the Protocol of the TargetAddress is DoH.
        ///
        public let serverNameIndication: String?

        @inlinable
        public init(ip: String? = nil, ipv6: String? = nil, port: Int? = nil, protocol: `Protocol`? = nil, serverNameIndication: String? = nil) {
            self.ip = ip
            self.ipv6 = ipv6
            self.port = port
            self.`protocol` = `protocol`
            self.serverNameIndication = serverNameIndication
        }

        public func validate(name: String) throws {
            try self.validate(self.ip, name: "ip", parent: name, max: 36)
            try self.validate(self.ip, name: "ip", parent: name, min: 7)
            try self.validate(self.ipv6, name: "ipv6", parent: name, max: 39)
            try self.validate(self.ipv6, name: "ipv6", parent: name, min: 7)
            try self.validate(self.port, name: "port", parent: name, max: 65535)
            try self.validate(self.port, name: "port", parent: name, min: 0)
            try self.validate(self.serverNameIndication, name: "serverNameIndication", parent: name, max: 255)
        }

        private enum CodingKeys: String, CodingKey {
            case ip = "Ip"
            case ipv6 = "Ipv6"
            case port = "Port"
            case `protocol` = "Protocol"
            case serverNameIndication = "ServerNameIndication"
        }
    }

    public struct UntagResourceRequest: AWSEncodableShape {
        /// The Amazon Resource Name (ARN) for the resource that you want to remove tags from. To get the ARN for a resource, use the applicable
        /// 			Get or List command:     GetResolverEndpoint     GetResolverRule     GetResolverRuleAssociation     ListResolverEndpoints     ListResolverRuleAssociations     ListResolverRules
        public let resourceArn: String
        /// The tags that you want to remove to the specified resource.
        public let tagKeys: [String]

        @inlinable
        public init(resourceArn: String, tagKeys: [String]) {
            self.resourceArn = resourceArn
            self.tagKeys = tagKeys
        }

        public func validate(name: String) throws {
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, max: 255)
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, min: 1)
            try self.tagKeys.forEach {
                try validate($0, name: "tagKeys[]", parent: name, max: 128)
                try validate($0, name: "tagKeys[]", parent: name, min: 1)
            }
            try self.validate(self.tagKeys, name: "tagKeys", parent: name, max: 200)
        }

        private enum CodingKeys: String, CodingKey {
            case resourceArn = "ResourceArn"
            case tagKeys = "TagKeys"
        }
    }

    public struct UntagResourceResponse: AWSDecodableShape {
        public init() {}
    }

    public struct UpdateFirewallConfigRequest: AWSEncodableShape {
        /// Determines how Route 53 Resolver handles queries during failures, for example when all traffic that is sent to DNS Firewall fails to receive a reply.    By default, fail open is disabled, which means the failure mode is closed. This approach favors security over availability.  DNS Firewall blocks queries that it is unable to evaluate properly.    If you enable this option, the failure mode is open. This approach favors availability over security. DNS Firewall allows queries to proceed if it  is unable to properly evaluate them.    This behavior is only enforced for VPCs that have at least one DNS Firewall rule group association.
        public let firewallFailOpen: FirewallFailOpenStatus
        /// The ID of the VPC that the configuration is for.
        public let resourceId: String

        @inlinable
        public init(firewallFailOpen: FirewallFailOpenStatus, resourceId: String) {
            self.firewallFailOpen = firewallFailOpen
            self.resourceId = resourceId
        }

        public func validate(name: String) throws {
            try self.validate(self.resourceId, name: "resourceId", parent: name, max: 64)
            try self.validate(self.resourceId, name: "resourceId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case firewallFailOpen = "FirewallFailOpen"
            case resourceId = "ResourceId"
        }
    }

    public struct UpdateFirewallConfigResponse: AWSDecodableShape {
        /// Configuration of the firewall behavior provided by DNS Firewall for a single VPC.
        public let firewallConfig: FirewallConfig?

        @inlinable
        public init(firewallConfig: FirewallConfig? = nil) {
            self.firewallConfig = firewallConfig
        }

        private enum CodingKeys: String, CodingKey {
            case firewallConfig = "FirewallConfig"
        }
    }

    public struct UpdateFirewallDomainsRequest: AWSEncodableShape {
        /// A list of domains to use in the update operation.  There is a limit of 1000 domains per request.  Each domain specification in your domain list must satisfy the following
        /// 	requirements:    It can optionally start with * (asterisk).   With the exception of the optional starting asterisk, it must only contain 	   the following characters: A-Z, a-z, 	   0-9, - (hyphen).   It must be from 1-255 characters in length.
        public let domains: [String]
        /// The ID of the domain list whose domains you want to update.
        public let firewallDomainListId: String
        /// What you want DNS Firewall to do with the domains that you are providing:     ADD - Add the domains to the ones that are already in the domain list.     REMOVE - Search the domain list for the domains and remove them from the list.    REPLACE - Update the domain list to exactly match the list that you are providing.
        public let operation: FirewallDomainUpdateOperation

        @inlinable
        public init(domains: [String], firewallDomainListId: String, operation: FirewallDomainUpdateOperation) {
            self.domains = domains
            self.firewallDomainListId = firewallDomainListId
            self.operation = operation
        }

        public func validate(name: String) throws {
            try self.domains.forEach {
                try validate($0, name: "domains[]", parent: name, max: 255)
                try validate($0, name: "domains[]", parent: name, min: 1)
            }
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, max: 64)
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case domains = "Domains"
            case firewallDomainListId = "FirewallDomainListId"
            case operation = "Operation"
        }
    }

    public struct UpdateFirewallDomainsResponse: AWSDecodableShape {
        /// The ID of the firewall domain list that DNS Firewall just updated.
        public let id: String?
        /// The name of the domain list.
        public let name: String?
        /// Status of the UpdateFirewallDomains request.
        public let status: FirewallDomainListStatus?
        /// Additional information about the status of the list, if available.
        public let statusMessage: String?

        @inlinable
        public init(id: String? = nil, name: String? = nil, status: FirewallDomainListStatus? = nil, statusMessage: String? = nil) {
            self.id = id
            self.name = name
            self.status = status
            self.statusMessage = statusMessage
        }

        private enum CodingKeys: String, CodingKey {
            case id = "Id"
            case name = "Name"
            case status = "Status"
            case statusMessage = "StatusMessage"
        }
    }

    public struct UpdateFirewallRuleGroupAssociationRequest: AWSEncodableShape {
        /// The identifier of the FirewallRuleGroupAssociation.
        public let firewallRuleGroupAssociationId: String
        /// If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.
        public let mutationProtection: MutationProtectionStatus?
        /// The name of the rule group association.
        public let name: String?
        /// The setting that determines the processing order of the rule group among the rule
        /// 			groups that you associate with the specified VPC. DNS Firewall filters VPC traffic
        /// 			starting from the rule group with the lowest numeric priority setting.  You must specify a unique priority for each rule group that you associate with a single VPC.  To make it easier to insert rule groups later, leave space between the numbers, for example, use 100, 200, and so on. You  can change the priority setting for a rule group association after you create it.
        public let priority: Int?

        @inlinable
        public init(firewallRuleGroupAssociationId: String, mutationProtection: MutationProtectionStatus? = nil, name: String? = nil, priority: Int? = nil) {
            self.firewallRuleGroupAssociationId = firewallRuleGroupAssociationId
            self.mutationProtection = mutationProtection
            self.name = name
            self.priority = priority
        }

        public func validate(name: String) throws {
            try self.validate(self.firewallRuleGroupAssociationId, name: "firewallRuleGroupAssociationId", parent: name, max: 64)
            try self.validate(self.firewallRuleGroupAssociationId, name: "firewallRuleGroupAssociationId", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, pattern: "^(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)$")
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroupAssociationId = "FirewallRuleGroupAssociationId"
            case mutationProtection = "MutationProtection"
            case name = "Name"
            case priority = "Priority"
        }
    }

    public struct UpdateFirewallRuleGroupAssociationResponse: AWSDecodableShape {
        /// The association that you just updated.
        public let firewallRuleGroupAssociation: FirewallRuleGroupAssociation?

        @inlinable
        public init(firewallRuleGroupAssociation: FirewallRuleGroupAssociation? = nil) {
            self.firewallRuleGroupAssociation = firewallRuleGroupAssociation
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRuleGroupAssociation = "FirewallRuleGroupAssociation"
        }
    }

    public struct UpdateFirewallRuleRequest: AWSEncodableShape {
        /// The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advanced rule:    ALLOW - Permit the request to go through. Not available for DNS Firewall Advanced rules.    ALERT - Permit the request to go through but send an alert to the logs.    BLOCK - Disallow the request. This option requires additional details in the rule's BlockResponse.
        public let action: Action?
        /// The DNS record's type. This determines the format of the record value that you provided in BlockOverrideDomain. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.
        public let blockOverrideDnsType: BlockOverrideDnsType?
        /// The custom DNS record to send back in response to the query. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.
        public let blockOverrideDomain: String?
        /// The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.
        public let blockOverrideTtl: Int?
        /// The way that you want DNS Firewall to block the request. Used for the rule action setting BLOCK.    NODATA - Respond indicating that the query was successful, but no response is available for it.    NXDOMAIN - Respond indicating that the domain name that's in the query doesn't exist.    OVERRIDE - Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride* settings.
        public let blockResponse: BlockResponse?
        /// 			The confidence threshold for DNS Firewall Advanced. You must provide this value when you create a DNS Firewall Advanced rule. The confidence
        /// 			level values mean:
        /// 		    LOW: Provides the highest detection rate for threats, but also increases false positives.    MEDIUM: Provides a balance between detecting threats and false positives.    HIGH: Detects only the most well corroborated threats with a low rate of false positives.
        public let confidenceThreshold: ConfidenceThreshold?
        /// 			The type of the DNS Firewall Advanced rule. Valid values are:
        /// 		    DGA: Domain generation algorithms detection. DGAs are used by attackers to generate a large number of domains
        /// 				to to launch malware attacks.    DNS_TUNNELING: DNS tunneling detection. DNS tunneling is used by attackers to exfiltrate data from the client by using the DNS tunnel without
        /// 				making a network connection to the client.
        public let dnsThreatProtection: DnsThreatProtection?
        /// The ID of the domain list to use in the rule.
        public let firewallDomainListId: String?
        /// 			How you want the the rule to evaluate DNS redirection in the DNS redirection chain, such as CNAME or DNAME.
        /// 		  INSPECT_REDIRECTION_DOMAIN: (Default) inspects all domains in the redirection chain. The individual domains in the redirection chain must be
        /// 			added to the domain list.  TRUST_REDIRECTION_DOMAIN: Inspects only the first domain in the redirection chain. You don't need to add the subsequent domains in the domain in the redirection list to
        /// 			the domain list.
        public let firewallDomainRedirectionAction: FirewallDomainRedirectionAction?
        /// The unique identifier of the firewall rule group for the rule.
        public let firewallRuleGroupId: String
        /// 			The DNS Firewall Advanced rule ID.
        ///
        public let firewallThreatProtectionId: String?
        /// The name of the rule.
        public let name: String?
        /// The setting that determines the processing order of the rule in the rule group. DNS Firewall  processes the rules in a rule group by order of priority, starting from the lowest setting. You must specify a unique priority for each rule in a rule group.  To make it easier to insert rules later, leave space between the numbers, for example, use 100, 200, and so on. You  can change the priority setting for the rules in a rule group at any time.
        public let priority: Int?
        /// 			The DNS query type you want the rule to evaluate. Allowed values are;
        ///
        /// 				A: Returns an IPv4 address.   AAAA: Returns an Ipv6 address.   CAA: Restricts CAs that can create SSL/TLS certifications for the domain.   CNAME: Returns another domain name.   DS: Record that identifies the DNSSEC signing key of a delegated zone.   MX: Specifies mail servers.   NAPTR: Regular-expression-based rewriting of domain names.   NS: Authoritative name servers.   PTR: Maps an IP address to a domain name.   SOA: Start of authority record for the zone.   SPF: Lists the servers authorized to send emails from a domain.   SRV: Application specific values that identify servers.   TXT: Verifies email senders and application-specific values.   A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be
        /// 				defined as TYPENUMBER, where the
        /// 				NUMBER can be 1-65334, for
        /// 				example, TYPE28. For more information, see
        /// 				List of DNS record types.  If you set up a firewall BLOCK rule with action NXDOMAIN on query type equals AAAA,
        /// 					this action will not be applied to synthetic IPv6 addresses generated when DNS64 is enabled.
        public let qtype: String?

        @inlinable
        public init(action: Action? = nil, blockOverrideDnsType: BlockOverrideDnsType? = nil, blockOverrideDomain: String? = nil, blockOverrideTtl: Int? = nil, blockResponse: BlockResponse? = nil, confidenceThreshold: ConfidenceThreshold? = nil, dnsThreatProtection: DnsThreatProtection? = nil, firewallDomainListId: String? = nil, firewallDomainRedirectionAction: FirewallDomainRedirectionAction? = nil, firewallRuleGroupId: String, firewallThreatProtectionId: String? = nil, name: String? = nil, priority: Int? = nil, qtype: String? = nil) {
            self.action = action
            self.blockOverrideDnsType = blockOverrideDnsType
            self.blockOverrideDomain = blockOverrideDomain
            self.blockOverrideTtl = blockOverrideTtl
            self.blockResponse = blockResponse
            self.confidenceThreshold = confidenceThreshold
            self.dnsThreatProtection = dnsThreatProtection
            self.firewallDomainListId = firewallDomainListId
            self.firewallDomainRedirectionAction = firewallDomainRedirectionAction
            self.firewallRuleGroupId = firewallRuleGroupId
            self.firewallThreatProtectionId = firewallThreatProtectionId
            self.name = name
            self.priority = priority
            self.qtype = qtype
        }

        public func validate(name: String) throws {
            try self.validate(self.blockOverrideDomain, name: "blockOverrideDomain", parent: name, max: 255)
            try self.validate(self.blockOverrideDomain, name: "blockOverrideDomain", parent: name, min: 1)
            try self.validate(self.blockOverrideTtl, name: "blockOverrideTtl", parent: name, max: 604800)
            try self.validate(self.blockOverrideTtl, name: "blockOverrideTtl", parent: name, min: 0)
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, max: 64)
            try self.validate(self.firewallDomainListId, name: "firewallDomainListId", parent: name, min: 1)
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, max: 64)
            try self.validate(self.firewallRuleGroupId, name: "firewallRuleGroupId", parent: name, min: 1)
            try self.validate(self.firewallThreatProtectionId, name: "firewallThreatProtectionId", parent: name, max: 64)
            try self.validate(self.firewallThreatProtectionId, name: "firewallThreatProtectionId", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, pattern: "^(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)$")
            try self.validate(self.qtype, name: "qtype", parent: name, max: 16)
            try self.validate(self.qtype, name: "qtype", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case action = "Action"
            case blockOverrideDnsType = "BlockOverrideDnsType"
            case blockOverrideDomain = "BlockOverrideDomain"
            case blockOverrideTtl = "BlockOverrideTtl"
            case blockResponse = "BlockResponse"
            case confidenceThreshold = "ConfidenceThreshold"
            case dnsThreatProtection = "DnsThreatProtection"
            case firewallDomainListId = "FirewallDomainListId"
            case firewallDomainRedirectionAction = "FirewallDomainRedirectionAction"
            case firewallRuleGroupId = "FirewallRuleGroupId"
            case firewallThreatProtectionId = "FirewallThreatProtectionId"
            case name = "Name"
            case priority = "Priority"
            case qtype = "Qtype"
        }
    }

    public struct UpdateFirewallRuleResponse: AWSDecodableShape {
        /// The firewall rule that you just updated.
        public let firewallRule: FirewallRule?

        @inlinable
        public init(firewallRule: FirewallRule? = nil) {
            self.firewallRule = firewallRule
        }

        private enum CodingKeys: String, CodingKey {
            case firewallRule = "FirewallRule"
        }
    }

    public struct UpdateIpAddress: AWSEncodableShape {
        ///  The ID of the IP address, specified by the ResolverEndpointId.
        public let ipId: String
        /// 			The IPv6 address that you want to use for DNS queries.
        ///
        public let ipv6: String

        @inlinable
        public init(ipId: String, ipv6: String) {
            self.ipId = ipId
            self.ipv6 = ipv6
        }

        public func validate(name: String) throws {
            try self.validate(self.ipId, name: "ipId", parent: name, max: 64)
            try self.validate(self.ipId, name: "ipId", parent: name, min: 1)
            try self.validate(self.ipv6, name: "ipv6", parent: name, max: 39)
            try self.validate(self.ipv6, name: "ipv6", parent: name, min: 7)
        }

        private enum CodingKeys: String, CodingKey {
            case ipId = "IpId"
            case ipv6 = "Ipv6"
        }
    }

    public struct UpdateOutpostResolverRequest: AWSEncodableShape {
        /// A unique string that identifies Resolver on an Outpost.
        public let id: String
        /// The Amazon EC2 instance count for a Resolver on the Outpost.
        public let instanceCount: Int?
        /// Name of the Resolver on the Outpost.
        public let name: String?
        /// 			Amazon EC2 instance type.
        ///
        public let preferredInstanceType: String?

        @inlinable
        public init(id: String, instanceCount: Int? = nil, name: String? = nil, preferredInstanceType: String? = nil) {
            self.id = id
            self.instanceCount = instanceCount
            self.name = name
            self.preferredInstanceType = preferredInstanceType
        }

        public func validate(name: String) throws {
            try self.validate(self.id, name: "id", parent: name, max: 64)
            try self.validate(self.id, name: "id", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, max: 255)
            try self.validate(self.name, name: "name", parent: name, min: 1)
            try self.validate(self.preferredInstanceType, name: "preferredInstanceType", parent: name, max: 255)
            try self.validate(self.preferredInstanceType, name: "preferredInstanceType", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case id = "Id"
            case instanceCount = "InstanceCount"
            case name = "Name"
            case preferredInstanceType = "PreferredInstanceType"
        }
    }

    public struct UpdateOutpostResolverResponse: AWSDecodableShape {
        /// The response to an UpdateOutpostResolver request.
        public let outpostResolver: OutpostResolver?

        @inlinable
        public init(outpostResolver: OutpostResolver? = nil) {
            self.outpostResolver = outpostResolver
        }

        private enum CodingKeys: String, CodingKey {
            case outpostResolver = "OutpostResolver"
        }
    }

    public struct UpdateResolverConfigRequest: AWSEncodableShape {
        /// Indicates whether or not the Resolver will create autodefined rules for reverse DNS
        /// 			lookups. This is enabled by default. Disabling this option will also affect EC2-Classic
        /// 			instances using ClassicLink. For more information, see ClassicLink in the
        /// 					Amazon EC2 guide.  We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the
        /// 			Amazon EC2 guide and the blog EC2-Classic Networking is Retiring – Here’s How to Prepare.   It can take some time for the status change to be completed.
        public let autodefinedReverseFlag: AutodefinedReverseFlag
        /// The ID of the Amazon Virtual Private Cloud VPC or a Route 53 Profile that you're configuring Resolver for.
        public let resourceId: String

        @inlinable
        public init(autodefinedReverseFlag: AutodefinedReverseFlag, resourceId: String) {
            self.autodefinedReverseFlag = autodefinedReverseFlag
            self.resourceId = resourceId
        }

        public func validate(name: String) throws {
            try self.validate(self.resourceId, name: "resourceId", parent: name, max: 64)
            try self.validate(self.resourceId, name: "resourceId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case autodefinedReverseFlag = "AutodefinedReverseFlag"
            case resourceId = "ResourceId"
        }
    }

    public struct UpdateResolverConfigResponse: AWSDecodableShape {
        /// An array that contains settings for the specified Resolver configuration.
        public let resolverConfig: ResolverConfig?

        @inlinable
        public init(resolverConfig: ResolverConfig? = nil) {
            self.resolverConfig = resolverConfig
        }

        private enum CodingKeys: String, CodingKey {
            case resolverConfig = "ResolverConfig"
        }
    }

    public struct UpdateResolverDnssecConfigRequest: AWSEncodableShape {
        /// The ID of the virtual private cloud (VPC) that you're updating the DNSSEC validation status for.
        public let resourceId: String
        /// The new value that you are specifying for DNSSEC validation for the VPC. The value can be ENABLE
        /// 			or DISABLE. Be aware that it can take time for a validation status change to be completed.
        public let validation: Validation

        @inlinable
        public init(resourceId: String, validation: Validation) {
            self.resourceId = resourceId
            self.validation = validation
        }

        public func validate(name: String) throws {
            try self.validate(self.resourceId, name: "resourceId", parent: name, max: 64)
            try self.validate(self.resourceId, name: "resourceId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case resourceId = "ResourceId"
            case validation = "Validation"
        }
    }

    public struct UpdateResolverDnssecConfigResponse: AWSDecodableShape {
        /// A complex type that contains settings for the specified DNSSEC configuration.
        public let resolverDNSSECConfig: ResolverDnssecConfig?

        @inlinable
        public init(resolverDNSSECConfig: ResolverDnssecConfig? = nil) {
            self.resolverDNSSECConfig = resolverDNSSECConfig
        }

        private enum CodingKeys: String, CodingKey {
            case resolverDNSSECConfig = "ResolverDNSSECConfig"
        }
    }

    public struct UpdateResolverEndpointRequest: AWSEncodableShape {
        /// The name of the Resolver endpoint that you want to update.
        public let name: String?
        /// 			The protocols you want to use for the endpoint. DoH-FIPS is applicable for default inbound endpoints only.
        /// 		 For a default inbound endpoint you can apply the protocols as follows:   Do53  and DoH in combination.   Do53  and DoH-FIPS in combination.   Do53 alone.   DoH alone.   DoH-FIPS alone.   None, which is treated as Do53.   For a delegation inbound endpoint you can use Do53 only. For an outbound endpoint you can apply the protocols as follows:   Do53  and DoH in combination.   Do53 alone.   DoH alone.   None, which is treated as Do53.    You can't change the protocol of an inbound endpoint directly from only Do53 to only DoH, or DoH-FIPS.
        /// 			This is to prevent a sudden disruption to incoming traffic that
        /// 			relies on Do53. To change the protocol from Do53 to DoH, or DoH-FIPS, you must
        /// 			first enable both Do53 and DoH, or Do53 and DoH-FIPS, to make sure that all incoming traffic
        /// 			has transferred to using the DoH protocol, or DoH-FIPS, and then remove the
        /// 			Do53.
        public let protocols: [`Protocol`]?
        /// The ID of the Resolver endpoint that you want to update.
        public let resolverEndpointId: String
        /// 			Specifies the endpoint type for what type of IP address the endpoint uses to forward DNS queries.
        /// 		 Updating to IPV6 type isn't currently supported.
        public let resolverEndpointType: ResolverEndpointType?
        /// 			Specifies the IPv6 address when you update the Resolver endpoint from IPv4 to dual-stack.
        /// 			If you don't specify an IPv6 address, one will be automatically chosen from your subnet.
        ///
        public let updateIpAddresses: [UpdateIpAddress]?

        @inlinable
        public init(name: String? = nil, protocols: [`Protocol`]? = nil, resolverEndpointId: String, resolverEndpointType: ResolverEndpointType? = nil, updateIpAddresses: [UpdateIpAddress]? = nil) {
            self.name = name
            self.protocols = protocols
            self.resolverEndpointId = resolverEndpointId
            self.resolverEndpointType = resolverEndpointType
            self.updateIpAddresses = updateIpAddresses
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, pattern: "^(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)$")
            try self.validate(self.protocols, name: "protocols", parent: name, max: 2)
            try self.validate(self.protocols, name: "protocols", parent: name, min: 1)
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, max: 64)
            try self.validate(self.resolverEndpointId, name: "resolverEndpointId", parent: name, min: 1)
            try self.updateIpAddresses?.forEach {
                try $0.validate(name: "\(name).updateIpAddresses[]")
            }
            try self.validate(self.updateIpAddresses, name: "updateIpAddresses", parent: name, max: 50)
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case protocols = "Protocols"
            case resolverEndpointId = "ResolverEndpointId"
            case resolverEndpointType = "ResolverEndpointType"
            case updateIpAddresses = "UpdateIpAddresses"
        }
    }

    public struct UpdateResolverEndpointResponse: AWSDecodableShape {
        /// The response to an UpdateResolverEndpoint request.
        public let resolverEndpoint: ResolverEndpoint?

        @inlinable
        public init(resolverEndpoint: ResolverEndpoint? = nil) {
            self.resolverEndpoint = resolverEndpoint
        }

        private enum CodingKeys: String, CodingKey {
            case resolverEndpoint = "ResolverEndpoint"
        }
    }

    public struct UpdateResolverRuleRequest: AWSEncodableShape {
        /// The new settings for the Resolver rule.
        public let config: ResolverRuleConfig
        /// The ID of the Resolver rule that you want to update.
        public let resolverRuleId: String

        @inlinable
        public init(config: ResolverRuleConfig, resolverRuleId: String) {
            self.config = config
            self.resolverRuleId = resolverRuleId
        }

        public func validate(name: String) throws {
            try self.config.validate(name: "\(name).config")
            try self.validate(self.resolverRuleId, name: "resolverRuleId", parent: name, max: 64)
            try self.validate(self.resolverRuleId, name: "resolverRuleId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case config = "Config"
            case resolverRuleId = "ResolverRuleId"
        }
    }

    public struct UpdateResolverRuleResponse: AWSDecodableShape {
        /// The response to an UpdateResolverRule request.
        public let resolverRule: ResolverRule?

        @inlinable
        public init(resolverRule: ResolverRule? = nil) {
            self.resolverRule = resolverRule
        }

        private enum CodingKeys: String, CodingKey {
            case resolverRule = "ResolverRule"
        }
    }
}

// MARK: - Errors

/// Error enum for Route53Resolver
public struct Route53ResolverErrorType: AWSErrorType {
    enum Code: String {
        case accessDeniedException = "AccessDeniedException"
        case conflictException = "ConflictException"
        case internalServiceErrorException = "InternalServiceErrorException"
        case invalidNextTokenException = "InvalidNextTokenException"
        case invalidParameterException = "InvalidParameterException"
        case invalidPolicyDocument = "InvalidPolicyDocument"
        case invalidRequestException = "InvalidRequestException"
        case invalidTagException = "InvalidTagException"
        case limitExceededException = "LimitExceededException"
        case resourceExistsException = "ResourceExistsException"
        case resourceInUseException = "ResourceInUseException"
        case resourceNotFoundException = "ResourceNotFoundException"
        case resourceUnavailableException = "ResourceUnavailableException"
        case serviceQuotaExceededException = "ServiceQuotaExceededException"
        case throttlingException = "ThrottlingException"
        case unknownResourceException = "UnknownResourceException"
        case validationException = "ValidationException"
    }

    private let error: Code
    public let context: AWSErrorContext?

    /// initialize Route53Resolver
    public init?(errorCode: String, context: AWSErrorContext) {
        guard let error = Code(rawValue: errorCode) else { return nil }
        self.error = error
        self.context = context
    }

    internal init(_ error: Code) {
        self.error = error
        self.context = nil
    }

    /// return error code string
    public var errorCode: String { self.error.rawValue }

    /// The current account doesn't have the IAM permissions required to perform the specified Resolver operation. This error can also be thrown when a customer has reached the 5120 character limit for a
    /// 			resource policy for CloudWatch Logs.
    public static var accessDeniedException: Self { .init(.accessDeniedException) }
    /// The requested state transition isn't valid. For example, you can't delete a firewall
    /// 			domain list if it is in the process of being deleted, or you can't import domains into a
    /// 			domain list that is in the process of being deleted.
    public static var conflictException: Self { .init(.conflictException) }
    /// We encountered an unknown error. Try again in a few minutes.
    public static var internalServiceErrorException: Self { .init(.internalServiceErrorException) }
    /// The value that you specified for NextToken in a List request isn't valid.
    public static var invalidNextTokenException: Self { .init(.invalidNextTokenException) }
    /// One or more parameters in this request are not valid.
    public static var invalidParameterException: Self { .init(.invalidParameterException) }
    /// The specified Resolver rule policy is invalid.
    public static var invalidPolicyDocument: Self { .init(.invalidPolicyDocument) }
    /// The request is invalid.
    public static var invalidRequestException: Self { .init(.invalidRequestException) }
    /// The specified tag is invalid.
    public static var invalidTagException: Self { .init(.invalidTagException) }
    /// The request caused one or more limits to be exceeded.
    public static var limitExceededException: Self { .init(.limitExceededException) }
    /// The resource that you tried to create already exists.
    public static var resourceExistsException: Self { .init(.resourceExistsException) }
    /// The resource that you tried to update or delete is currently in use.
    public static var resourceInUseException: Self { .init(.resourceInUseException) }
    /// The specified resource doesn't exist.
    public static var resourceNotFoundException: Self { .init(.resourceNotFoundException) }
    /// The specified resource isn't available.
    public static var resourceUnavailableException: Self { .init(.resourceUnavailableException) }
    /// Fulfilling the request would cause one or more quotas to be exceeded.
    public static var serviceQuotaExceededException: Self { .init(.serviceQuotaExceededException) }
    /// The request was throttled. Try again in a few minutes.
    public static var throttlingException: Self { .init(.throttlingException) }
    /// The specified resource doesn't exist.
    public static var unknownResourceException: Self { .init(.unknownResourceException) }
    /// You have provided an invalid command. If you ran the UpdateFirewallDomains request. supported values are ADD,
    /// 			REMOVE, or REPLACE a domain.
    public static var validationException: Self { .init(.validationException) }
}

extension Route53ResolverErrorType: AWSServiceErrorType {
    public static let errorCodeMap: [String: AWSErrorShape.Type] = [
        "InvalidParameterException": Route53Resolver.InvalidParameterException.self,
        "LimitExceededException": Route53Resolver.LimitExceededException.self,
        "ResourceExistsException": Route53Resolver.ResourceExistsException.self,
        "ResourceInUseException": Route53Resolver.ResourceInUseException.self,
        "ResourceNotFoundException": Route53Resolver.ResourceNotFoundException.self,
        "ResourceUnavailableException": Route53Resolver.ResourceUnavailableException.self
    ]
}

extension Route53ResolverErrorType: Equatable {
    public static func == (lhs: Route53ResolverErrorType, rhs: Route53ResolverErrorType) -> Bool {
        lhs.error == rhs.error
    }
}

extension Route53ResolverErrorType: CustomStringConvertible {
    public var description: String {
        return "\(self.error.rawValue): \(self.message ?? "")"
    }
}
